VAR-201410-1418
Vulnerability from variot - Updated: 2026-04-10 23:34The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. OpenSSL is prone to an information disclosure vulnerability. An attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. The following versions are vulnerable: OpenSSL 0.9.8 prior to 0.9.8zc OpenSSL 1.0.0 prior to 1.0.0o OpenSSL 1.0.1 prior to 1.0.1j. SSL protocol is the abbreviation of Secure Socket Layer protocol (Secure Socket Layer) developed by Netscape, which provides security and data integrity guarantee for Internet communication. The vulnerability is caused by the program's use of non-deterministic CBC padding. OpenSSL Security Advisory [15 Oct 2014] =======================================
SRTP Memory Leak (CVE-2014-3513)
Severity: High
A flaw in the DTLS SRTP extension parsing code allows an attacker, who sends a carefully crafted handshake message, to cause OpenSSL to fail to free up to 64k of memory causing a memory leak. This could be exploited in a Denial Of Service attack. This issue affects OpenSSL 1.0.1 server implementations for both SSL/TLS and DTLS regardless of whether SRTP is used or configured. Implementations of OpenSSL that have been compiled with OPENSSL_NO_SRTP defined are not affected.
This issue was reported to OpenSSL on 26th September 2014, based on an original issue and patch developed by the LibreSSL project. Further analysis of the issue was performed by the OpenSSL team.
The fix was developed by the OpenSSL team.
Session Ticket Memory Leak (CVE-2014-3567)
Severity: Medium
When an OpenSSL SSL/TLS/DTLS server receives a session ticket the integrity of that ticket is first verified. In the event of a session ticket integrity check failing, OpenSSL will fail to free memory causing a memory leak. By sending a large number of invalid session tickets an attacker could exploit this issue in a Denial Of Service attack.
This issue was reported to OpenSSL on 8th October 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
SSL 3.0 Fallback protection
Severity: Medium
OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications to block the ability for a MITM attacker to force a protocol downgrade.
Some client applications (such as browsers) will reconnect using a downgraded protocol to work around interoperability bugs in older servers. This could be exploited by an active man-in-the-middle to downgrade connections to SSL 3.0 even if both sides of the connection support higher protocols. SSL 3.0 contains a number of weaknesses including POODLE (CVE-2014-3566).
https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 https://www.openssl.org/~bodo/ssl-poodle.pdf
Support for TLS_FALLBACK_SCSV was developed by Adam Langley and Bodo Moeller.
Build option no-ssl3 is incomplete (CVE-2014-3568)
Severity: Low
When OpenSSL is configured with "no-ssl3" as a build option, servers could accept and complete a SSL 3.0 handshake, and clients could be configured to send them.
This issue was reported to OpenSSL by Akamai Technologies on 14th October 2014.
The fix was developed by Akamai and the OpenSSL team.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20141015.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html
. The following firmware versions of Virtual Connect (VC) are impacted:
HPE BladeSystem c-Class Virtual Connect (VC) Firmware 4.30 through VC 4.45 HPE BladeSystem c-Class Virtual Connect (VC) Firmware 3.62 through VC 4.21
Note: Firmware versions 3.62 through 4.21 are not impacted by CVE-2016-0800, CVE-2015-3194, CVE-2014-3566, CVE-2015-0705, CVE-2016-0799, and CVE-2016-2842. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201507-14
https://security.gentoo.org/
Severity: Normal Title: Oracle JRE/JDK: Multiple vulnerabilities Date: July 10, 2015 Bugs: #537214 ID: 201507-14
Synopsis
Multiple vulnerabilities have been found in Oracle JRE/JDK, allowing both local and remote attackers to compromise various Java components. Please review the CVE identifiers referenced below for details.
Impact
An context-dependent attacker may be able to influence the confidentiality, integrity, and availability of Java applications/runtime.
Workaround
There is no workaround at this time.
Resolution
All Oracle JRE 8 users should upgrade to the latest stable version:
emerge --sync
emerge --ask --oneshot --verbose ">=dev-java/oracle-jre-bin-1.8.0.31
All Oracle JDK 8 users should upgrade to the latest stable version:
emerge --sync
emerge --ask --oneshot --verbose ">=dev-java/oracle-jdk-bin-1.8.0.31
All Oracle JRE 7 users should upgrade to the latest version:
emerge --sync
emerge --ask --oneshot --verbose ">=dev-java/oracle-jre-bin-1.7.0.76
All Oracle JDK 7 users should upgrade to the latest stable version:
emerge --sync
emerge --ask --oneshot --verbose ">=dev-java/oracle-jdk-bin-1.7.0.76
References
[ 1 ] CVE-2014-3566
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3566
[ 2 ] CVE-2014-6549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6549
[ 3 ] CVE-2014-6585
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6585
[ 4 ] CVE-2014-6587
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6587
[ 5 ] CVE-2014-6591
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6591
[ 6 ] CVE-2014-6593
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6593
[ 7 ] CVE-2014-6601
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6601
[ 8 ] CVE-2015-0383
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0383
[ 9 ] CVE-2015-0395
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0395
[ 10 ] CVE-2015-0400
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0400
[ 11 ] CVE-2015-0403
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0403
[ 12 ] CVE-2015-0406
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0406
[ 13 ] CVE-2015-0407
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0407
[ 14 ] CVE-2015-0408
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0408
[ 15 ] CVE-2015-0410
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0410
[ 16 ] CVE-2015-0412
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0412
[ 17 ] CVE-2015-0413
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0413
[ 18 ] CVE-2015-0421
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0421
Availability
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201507-14
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
HP CMS: UCMDB Browser all supported versions. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.7.0-ibm security update
Advisory ID: RHSA-2014:1876-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1876.html
Issue date: 2014-11-19
CVE Names: CVE-2014-3065 CVE-2014-3566 CVE-2014-4288
CVE-2014-6456 CVE-2014-6457 CVE-2014-6458
CVE-2014-6476 CVE-2014-6492 CVE-2014-6493
CVE-2014-6502 CVE-2014-6503 CVE-2014-6506
CVE-2014-6511 CVE-2014-6512 CVE-2014-6515
CVE-2014-6527 CVE-2014-6531 CVE-2014-6532
CVE-2014-6558
=====================================================================
- Summary:
Updated java-1.7.0-ibm packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64
- Description:
IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM
Java Software Development Kit.
This update fixes several vulnerabilities in the IBM Java Runtime
Environment and the IBM Java Software Development Kit. Detailed
vulnerability descriptions are linked from the IBM Security alerts
page, listed in the References section. (CVE-2014-3065, CVE-2014-3566,
CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6476,
CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6506,
CVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6527, CVE-2014-6531,
CVE-2014-6532, CVE-2014-6558)
The CVE-2014-6512 issue was discovered by Florian Weimer of Red Hat
Product Security.
Note: With this update, the IBM SDK now disables the SSL 3.0 protocol to
address the CVE-2014-3566 issue (also known as POODLE). Refer to the IBM
article linked to in the References section for additional details about
this change and instructions on how to re-enable SSL 3.0 support if needed.
All users of java-1.7.0-ibm are advised to upgrade to these updated
packages, containing the IBM Java SE 7 SR8 release. All running instances
of IBM Java must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1071210 - CVE-2014-6512 OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509)
1150155 - CVE-2014-6506 OpenJDK: insufficient permission checks when setting resource bundle on system logger (Libraries, 8041564)
1150651 - CVE-2014-6531 OpenJDK: insufficient ResourceBundle name check (Libraries, 8044274)
1150669 - CVE-2014-6502 OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)
1151046 - CVE-2014-6457 OpenJDK: Triple Handshake attack against TLS/SSL connections (JSSE, 8037066)
1151063 - CVE-2014-6558 OpenJDK: CipherInputStream incorrect exception handling (Security, 8037846)
1151517 - CVE-2014-6511 ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540)
1152756 - CVE-2014-6532 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152757 - CVE-2014-6503 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152758 - CVE-2014-6456 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)
1152759 - CVE-2014-6492 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152760 - CVE-2014-6493 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152761 - CVE-2014-4288 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152763 - CVE-2014-6458 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152765 - CVE-2014-6476 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)
1152766 - CVE-2014-6515 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152767 - CVE-2014-6527 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)
1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack
1162554 - CVE-2014-3065 IBM JDK: privilege escalation via shared class cache
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm
x86_64:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm
ppc:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
s390x:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390x.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390x.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390x.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390x.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390x.rpm
x86_64:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-3065
https://access.redhat.com/security/cve/CVE-2014-3566
https://access.redhat.com/security/cve/CVE-2014-4288
https://access.redhat.com/security/cve/CVE-2014-6456
https://access.redhat.com/security/cve/CVE-2014-6457
https://access.redhat.com/security/cve/CVE-2014-6458
https://access.redhat.com/security/cve/CVE-2014-6476
https://access.redhat.com/security/cve/CVE-2014-6492
https://access.redhat.com/security/cve/CVE-2014-6493
https://access.redhat.com/security/cve/CVE-2014-6502
https://access.redhat.com/security/cve/CVE-2014-6503
https://access.redhat.com/security/cve/CVE-2014-6506
https://access.redhat.com/security/cve/CVE-2014-6511
https://access.redhat.com/security/cve/CVE-2014-6512
https://access.redhat.com/security/cve/CVE-2014-6515
https://access.redhat.com/security/cve/CVE-2014-6527
https://access.redhat.com/security/cve/CVE-2014-6531
https://access.redhat.com/security/cve/CVE-2014-6532
https://access.redhat.com/security/cve/CVE-2014-6558
https://access.redhat.com/security/updates/classification/#critical
https://www.ibm.com/developerworks/java/jdk/alerts/
https://www-01.ibm.com/support/docview.wss?uid=swg21688165
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUbOWGXlSAg2UNWIIRAhPmAJ96YO5JFEg4GS1MkDIeXQkRxbN0hACgoUiY
ehbScogUJnSordhBH11LgWQ=
=ko7F
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
.
ftp://ssl098zc:Secure12@ftp.usa.hp.com
User name: ssl098zc Password: (NOTE: Case sensitive) Secure12
HP-UX Release
HP-UX OpenSSL version
B.11.11 (11i v1)
A.00.09.08zc.001_HP-UX_B.11.11_32+64.depot
B.11.23 (11i v2)
A.00.09.08zc.002_HP-UX_B.11.23_IA-PA.depot
B.11.31 (11i v3)
A.00.09.08zc.003_HP-UX_B.11.31_IA-PA.depot
MANUAL ACTIONS: Yes - Update
Install OpenSSL A.00.09.08zc or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application
that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins
issued by HP and lists recommended actions that may apply to a specific HP-UX
system. It can also download patches and create a depot automatically. For
more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
The update is available from HPE Software Depot: https://h20392.www2.hpe.com/
portal/swdepot/displayProductInfo.do?productNumber=HPVPRhttps://www.hpe.com
Note: HPE recommends customers using OV4VC 7.8.1 and earlier should upgrade
to OV4VC 7.8.2. This addresses all SSL security vulnerabilities reported
through March 28, 2016. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04496538
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04496538
Version: 1
HPSBGN03164 rev.1 - HP IceWall SSO Dfw, SSO Certd and MCRP running OpenSSL,
Remote Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date: 2014-11-10
Last Updated: 2014-11-10
Potential Security Impact: Remote disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP IceWall SSO
Dfw , SSO Certd, and MCRP running OpenSSL.
This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy
Encryption" or "Poodle", which could be exploited remotely resulting in
disclosure of information..
References: CVE-2014-3566 (SSRT101789)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- HP IceWall MCRP v2.1, v3.0
- HP IceWall SSO Dfw v8.0, v8.0 R1, v8.0 R2, v8.0 R3, and v10.0
- HP IceWall SSO Certd v8.0R3 with DB plugin patch 2 and v10.0
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score
CVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP recommends the following software updates and workaround instructions to
resolve this vulnerability for HP IceWall SSO Dfw, SSO Certd, and MCRP.
The software updates are available at:
http://www.hp.com/jp/icewall_patchaccess
Notes:
- There are no updates or mitigations for MCRP 2.1 and Dfw
8.0/8.0R1/8.0R2/8.0R3.
- HP recommends updating these older versions to the latest versions and
patches and then following the WORKAROUND INSTRUCTIONS below.
- The WORKAROUND INSTRUCTIONS should be followed after applying the
following updates.
Software Update Versions
HP IceWall MCRP 3.0 Patch release 1
HP IceWall SSO Dfw 10.0 Patch release 7
Note: Both software update versions provide the use of TLSv1 which is not
vulnerable and available for each supported platform.
WORKAROUND INSTRUCTIONS
HP recommends the following information to protect against potential risk
for the following HP IceWall products.
HP IceWall SSO Dfw and MCRP
- If possible, do not use the SHOST setting which allows IceWall SSO
Dfw or MCRP to use SSL/TLS protocol to back-end web servers.
- The following steps should be applied if SSL/TLS protocol to back-end
web servers must be used:
o For MCRP: apply MCRP patch release 1
o For Dfw: apply Dfw patch release 7 or later
o Set SSL_PROTOCOL parameter to TLSv1
HP IceWall SSO Certd
- For Certd version 10.0 and 8.0R3: apply DB plugin patch release 2
- If possible, do not use the LDAPSSL setting which allows IceWall SSO
Certd to connect to the LDAP server using SSL/TLS protocol.
- If SSL/TLS protocol must be used to LDAP server, configure the LDAP
server to use only TLSv1 as a mitigation for the vulnerability. For example,
on an OpenLDAP server (slapd), Set the TLSProtocolMin parameter.
Note: The HP IceWall product is only available in Japan.
HISTORY
Version:1 (rev.1) - 10 November 2014 Initial release
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits; damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners.
HP SiteScope 11.1x
HP SiteScope 11.2x
Important note: HP SiteScope is impacted if and only if it is configured to
work over secure channel (HTTPS). This protocol is now disabled by default.
For the oldstable distribution (wheezy), this problem has been fixed
in version 1.4.31-4+deb7u4.
We recommend that you upgrade your lighttpd packages
Show details on source website
{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "suse linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "11.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8u"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8o"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "12.3"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8w"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.9"
},
{
"_id": null,
"model": "suse linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "11.0"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0.5"
},
{
"_id": null,
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "suse linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "12.0"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "21"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8za"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0b"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "19"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8p"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.1.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"_id": null,
"model": "database",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.2.0.4"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.7"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0.4"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8z"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.1.5"
},
{
"_id": null,
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.1"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.1"
},
{
"_id": null,
"model": "suse linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "12.0"
},
{
"_id": null,
"model": "suse linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "10.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.1.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "mageia",
"scope": "eq",
"trust": 1.0,
"vendor": "mageia",
"version": "3.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0j"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8zb"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.4"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8e"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0.3"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8q"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0n"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8f"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0"
},
{
"_id": null,
"model": "suse linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "12.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.5"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.2.3"
},
{
"_id": null,
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "suse linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "9.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8l"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0e"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.3.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8k"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.1.4"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8i"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.2.2"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.3.2"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0.6"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8r"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8t"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.2.4"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8m"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8n"
},
{
"_id": null,
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0h"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.1.4"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.3.4"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.1.3"
},
{
"_id": null,
"model": "suse linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "11.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0a"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.2.1"
},
{
"_id": null,
"model": "mageia",
"scope": "eq",
"trust": 1.0,
"vendor": "mageia",
"version": "4.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8s"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"_id": null,
"model": "database",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.0.2"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0l"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.2"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8y"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.6"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.3.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.8"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0c"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.1.2"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.2.2"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.1.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0i"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.2.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.1.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.17"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"_id": null,
"model": "windows vista service pack",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.12"
},
{
"_id": null,
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.6"
},
{
"_id": null,
"model": "integrated lights out",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "21.16"
},
{
"_id": null,
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment 5.1.fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8.780"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.11"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"_id": null,
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.10"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.1"
},
{
"_id": null,
"model": "phaser",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "78000"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"_id": null,
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.842"
},
{
"_id": null,
"model": "hat enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.0"
},
{
"_id": null,
"model": "ace appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47100"
},
{
"_id": null,
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.15"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"_id": null,
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "wireless location appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "open source",
"scope": "eq",
"trust": 0.3,
"vendor": "asterisk",
"version": "1.8.3.1"
},
{
"_id": null,
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.37"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0.0.52"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"_id": null,
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.2"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "websphere process server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.4"
},
{
"_id": null,
"model": "commonstore for lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.7"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "3.0"
},
{
"_id": null,
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.0.820"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "websphere lombardi edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"_id": null,
"model": "hat enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"_id": null,
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.23"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.13"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.6"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.15"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.1.830"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.31"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.14"
},
{
"_id": null,
"model": "web experience factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "network collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"_id": null,
"model": "networks sa2000",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "hat enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.9"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.13"
},
{
"_id": null,
"model": "directory pro",
"scope": "eq",
"trust": 0.3,
"vendor": "cosmicperl",
"version": "10.0.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.15"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7.770"
},
{
"_id": null,
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.03"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.1"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.185"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"_id": null,
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.8"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "networks sa6500 fips",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.800"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-453"
},
{
"_id": null,
"model": "windows server r2 for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"_id": null,
"model": "cics transaction gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.17"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"_id": null,
"model": "websphere lombardi edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.7"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.27"
},
{
"_id": null,
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "windows server for x64-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"_id": null,
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0.860"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2"
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"_id": null,
"model": "runtimes for java technology",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.19"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "networks sa6000 fips",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.840"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.0"
},
{
"_id": null,
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.25"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"_id": null,
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"_id": null,
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.740"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.5.2"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.6"
},
{
"_id": null,
"model": "windows server itanium sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "ediscovery analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"_id": null,
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.2"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment intirim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.133"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "network automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.10"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"_id": null,
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"_id": null,
"model": "sitescope",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.2.835"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.35"
},
{
"_id": null,
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.3"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.39"
},
{
"_id": null,
"model": "tivoli netcool/omnibus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.4"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.6"
},
{
"_id": null,
"model": "hat enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli netcool performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"_id": null,
"model": "network automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0"
},
{
"_id": null,
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "forticlient",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5.760"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.6"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.5"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.4.27"
},
{
"_id": null,
"model": "phaser",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "67000"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"_id": null,
"model": "windows server for itanium-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.1"
},
{
"_id": null,
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1.730"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "tivoli provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"_id": null,
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.21"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "sitescope",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.10"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"_id": null,
"model": "windows server for 32-bit systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli business service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.11"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.01"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "network node manager i",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.03"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.19"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"_id": null,
"model": "hat enterprise linux hpc node supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.5"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.4"
},
{
"_id": null,
"model": "hat enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "tivoli provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.31"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.0"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.03"
},
{
"_id": null,
"model": "performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.00"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.4"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "web experience factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.17"
},
{
"_id": null,
"model": "network node manager i",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.02"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.19"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "hat enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "network node manager i",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.00"
},
{
"_id": null,
"model": "cics transaction gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.4"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.4"
},
{
"_id": null,
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "runtimes for java technology",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.9"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"_id": null,
"model": "tivoli provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.1"
},
{
"_id": null,
"model": "hat enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.841"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"_id": null,
"model": "emergency responder",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.021"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7.770"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "asset manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4.750"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.1"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"_id": null,
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9.790"
}
],
"sources": [
{
"db": "BID",
"id": "70574"
},
{
"db": "NVD",
"id": "CVE-2014-3566"
}
]
},
"credits": {
"_id": null,
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "129266"
},
{
"db": "PACKETSTORM",
"id": "130334"
},
{
"db": "PACKETSTORM",
"id": "128921"
},
{
"db": "PACKETSTORM",
"id": "136577"
},
{
"db": "PACKETSTORM",
"id": "129071"
},
{
"db": "PACKETSTORM",
"id": "129065"
}
],
"trust": 0.7
},
"cve": "CVE-2014-3566",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2014-3566",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-71506",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.6,
"id": "CVE-2014-3566",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3566",
"trust": 1.0,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-71506",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-3566",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71506"
},
{
"db": "VULMON",
"id": "CVE-2014-3566"
},
{
"db": "NVD",
"id": "CVE-2014-3566"
}
]
},
"description": {
"_id": null,
"data": "The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue. OpenSSL is prone to an information disclosure vulnerability. \nAn attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. \nThe following versions are vulnerable:\nOpenSSL 0.9.8 prior to 0.9.8zc\nOpenSSL 1.0.0 prior to 1.0.0o\nOpenSSL 1.0.1 prior to 1.0.1j. SSL protocol is the abbreviation of Secure Socket Layer protocol (Secure Socket Layer) developed by Netscape, which provides security and data integrity guarantee for Internet communication. The vulnerability is caused by the program\u0027s use of non-deterministic CBC padding. OpenSSL Security Advisory [15 Oct 2014]\n=======================================\n\nSRTP Memory Leak (CVE-2014-3513)\n================================\n\nSeverity: High\n\nA flaw in the DTLS SRTP extension parsing code allows an attacker, who\nsends a carefully crafted handshake message, to cause OpenSSL to fail\nto free up to 64k of memory causing a memory leak. This could be\nexploited in a Denial Of Service attack. This issue affects OpenSSL\n1.0.1 server implementations for both SSL/TLS and DTLS regardless of\nwhether SRTP is used or configured. Implementations of OpenSSL that\nhave been compiled with OPENSSL_NO_SRTP defined are not affected. \n\nThis issue was reported to OpenSSL on 26th September 2014, based on an original\nissue and patch developed by the LibreSSL project. Further analysis of the issue\nwas performed by the OpenSSL team. \n\nThe fix was developed by the OpenSSL team. \n\n\nSession Ticket Memory Leak (CVE-2014-3567)\n==========================================\n\nSeverity: Medium\n\nWhen an OpenSSL SSL/TLS/DTLS server receives a session ticket the\nintegrity of that ticket is first verified. In the event of a session\nticket integrity check failing, OpenSSL will fail to free memory\ncausing a memory leak. By sending a large number of invalid session\ntickets an attacker could exploit this issue in a Denial Of Service\nattack. \n\nThis issue was reported to OpenSSL on 8th October 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\n\nSSL 3.0 Fallback protection\n===========================\n\nSeverity: Medium\n\nOpenSSL has added support for TLS_FALLBACK_SCSV to allow applications\nto block the ability for a MITM attacker to force a protocol\ndowngrade. \n\nSome client applications (such as browsers) will reconnect using a\ndowngraded protocol to work around interoperability bugs in older\nservers. This could be exploited by an active man-in-the-middle to\ndowngrade connections to SSL 3.0 even if both sides of the connection\nsupport higher protocols. SSL 3.0 contains a number of weaknesses\nincluding POODLE (CVE-2014-3566). \n\nhttps://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\nhttps://www.openssl.org/~bodo/ssl-poodle.pdf\n\nSupport for TLS_FALLBACK_SCSV was developed by Adam Langley and Bodo Moeller. \n\n\nBuild option no-ssl3 is incomplete (CVE-2014-3568)\n==================================================\n\nSeverity: Low\n\nWhen OpenSSL is configured with \"no-ssl3\" as a build option, servers\ncould accept and complete a SSL 3.0 handshake, and clients could be\nconfigured to send them. \n\nThis issue was reported to OpenSSL by Akamai Technologies on 14th October 2014. \n\nThe fix was developed by Akamai and the OpenSSL team. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20141015.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n. \nThe following firmware versions of Virtual Connect (VC) are impacted:\n\nHPE BladeSystem c-Class Virtual Connect (VC) Firmware 4.30 through VC 4.45\nHPE BladeSystem c-Class Virtual Connect (VC) Firmware 3.62 through VC 4.21\n\nNote: Firmware versions 3.62 through 4.21 are not impacted by CVE-2016-0800,\nCVE-2015-3194, CVE-2014-3566, CVE-2015-0705, CVE-2016-0799, and\nCVE-2016-2842. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201507-14\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Oracle JRE/JDK: Multiple vulnerabilities\n Date: July 10, 2015\n Bugs: #537214\n ID: 201507-14\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Oracle JRE/JDK, allowing\nboth local and remote attackers to compromise various Java components. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nAn context-dependent attacker may be able to influence the\nconfidentiality, integrity, and availability of Java\napplications/runtime. \n\nWorkaround\n==========\n\nThere is no workaround at this time. \n\nResolution\n==========\n\nAll Oracle JRE 8 users should upgrade to the latest stable version:\n\u003ccode\u003e\n# emerge --sync\n# emerge --ask --oneshot --verbose \"\u003e=dev-java/oracle-jre-bin-1.8.0.31\n\nAll Oracle JDK 8 users should upgrade to the latest stable version:\n\u003ccode\u003e\n# emerge --sync\n# emerge --ask --oneshot --verbose \"\u003e=dev-java/oracle-jdk-bin-1.8.0.31\n\nAll Oracle JRE 7 users should upgrade to the latest version:\n\u003ccode\u003e\n# emerge --sync\n# emerge --ask --oneshot --verbose \"\u003e=dev-java/oracle-jre-bin-1.7.0.76\n\nAll Oracle JDK 7 users should upgrade to the latest stable version:\n\u003ccode\u003e\n# emerge --sync\n# emerge --ask --oneshot --verbose \"\u003e=dev-java/oracle-jdk-bin-1.7.0.76\n\nReferences\n==========\n\n[ 1 ] CVE-2014-3566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3566\n[ 2 ] CVE-2014-6549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6549\n[ 3 ] CVE-2014-6585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6585\n[ 4 ] CVE-2014-6587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6587\n[ 5 ] CVE-2014-6591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6591\n[ 6 ] CVE-2014-6593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6593\n[ 7 ] CVE-2014-6601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6601\n[ 8 ] CVE-2015-0383\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0383\n[ 9 ] CVE-2015-0395\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0395\n[ 10 ] CVE-2015-0400\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0400\n[ 11 ] CVE-2015-0403\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0403\n[ 12 ] CVE-2015-0406\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0406\n[ 13 ] CVE-2015-0407\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0407\n[ 14 ] CVE-2015-0408\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0408\n[ 15 ] CVE-2015-0410\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0410\n[ 16 ] CVE-2015-0412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0412\n[ 17 ] CVE-2015-0413\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0413\n[ 18 ] CVE-2015-0421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0421\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201507-14\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\n HP CMS: UCMDB Browser all supported versions. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: java-1.7.0-ibm security update\nAdvisory ID: RHSA-2014:1876-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-1876.html\nIssue date: 2014-11-19\nCVE Names: CVE-2014-3065 CVE-2014-3566 CVE-2014-4288 \n CVE-2014-6456 CVE-2014-6457 CVE-2014-6458 \n CVE-2014-6476 CVE-2014-6492 CVE-2014-6493 \n CVE-2014-6502 CVE-2014-6503 CVE-2014-6506 \n CVE-2014-6511 CVE-2014-6512 CVE-2014-6515 \n CVE-2014-6527 CVE-2014-6531 CVE-2014-6532 \n CVE-2014-6558 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.7.0-ibm packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64\n\n3. Description:\n\nIBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM\nJava Software Development Kit. \n\nThis update fixes several vulnerabilities in the IBM Java Runtime\nEnvironment and the IBM Java Software Development Kit. Detailed\nvulnerability descriptions are linked from the IBM Security alerts\npage, listed in the References section. (CVE-2014-3065, CVE-2014-3566,\nCVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6476,\nCVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6506,\nCVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6527, CVE-2014-6531,\nCVE-2014-6532, CVE-2014-6558)\n\nThe CVE-2014-6512 issue was discovered by Florian Weimer of Red Hat\nProduct Security. \n\nNote: With this update, the IBM SDK now disables the SSL 3.0 protocol to\naddress the CVE-2014-3566 issue (also known as POODLE). Refer to the IBM\narticle linked to in the References section for additional details about\nthis change and instructions on how to re-enable SSL 3.0 support if needed. \n\nAll users of java-1.7.0-ibm are advised to upgrade to these updated\npackages, containing the IBM Java SE 7 SR8 release. All running instances\nof IBM Java must be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1071210 - CVE-2014-6512 OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509)\n1150155 - CVE-2014-6506 OpenJDK: insufficient permission checks when setting resource bundle on system logger (Libraries, 8041564)\n1150651 - CVE-2014-6531 OpenJDK: insufficient ResourceBundle name check (Libraries, 8044274)\n1150669 - CVE-2014-6502 OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)\n1151046 - CVE-2014-6457 OpenJDK: Triple Handshake attack against TLS/SSL connections (JSSE, 8037066)\n1151063 - CVE-2014-6558 OpenJDK: CipherInputStream incorrect exception handling (Security, 8037846)\n1151517 - CVE-2014-6511 ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540)\n1152756 - CVE-2014-6532 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152757 - CVE-2014-6503 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152758 - CVE-2014-6456 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)\n1152759 - CVE-2014-6492 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152760 - CVE-2014-6493 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152761 - CVE-2014-4288 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152763 - CVE-2014-6458 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152765 - CVE-2014-6476 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)\n1152766 - CVE-2014-6515 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152767 - CVE-2014-6527 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)\n1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack\n1162554 - CVE-2014-3065 IBM JDK: privilege escalation via shared class cache\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm\n\nx86_64:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm\n\nppc:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\n\ns390x:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390x.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390x.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390x.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390x.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390x.rpm\n\nx86_64:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-3065\nhttps://access.redhat.com/security/cve/CVE-2014-3566\nhttps://access.redhat.com/security/cve/CVE-2014-4288\nhttps://access.redhat.com/security/cve/CVE-2014-6456\nhttps://access.redhat.com/security/cve/CVE-2014-6457\nhttps://access.redhat.com/security/cve/CVE-2014-6458\nhttps://access.redhat.com/security/cve/CVE-2014-6476\nhttps://access.redhat.com/security/cve/CVE-2014-6492\nhttps://access.redhat.com/security/cve/CVE-2014-6493\nhttps://access.redhat.com/security/cve/CVE-2014-6502\nhttps://access.redhat.com/security/cve/CVE-2014-6503\nhttps://access.redhat.com/security/cve/CVE-2014-6506\nhttps://access.redhat.com/security/cve/CVE-2014-6511\nhttps://access.redhat.com/security/cve/CVE-2014-6512\nhttps://access.redhat.com/security/cve/CVE-2014-6515\nhttps://access.redhat.com/security/cve/CVE-2014-6527\nhttps://access.redhat.com/security/cve/CVE-2014-6531\nhttps://access.redhat.com/security/cve/CVE-2014-6532\nhttps://access.redhat.com/security/cve/CVE-2014-6558\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://www.ibm.com/developerworks/java/jdk/alerts/\nhttps://www-01.ibm.com/support/docview.wss?uid=swg21688165\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFUbOWGXlSAg2UNWIIRAhPmAJ96YO5JFEg4GS1MkDIeXQkRxbN0hACgoUiY\nehbScogUJnSordhBH11LgWQ=\n=ko7F\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nftp://ssl098zc:Secure12@ftp.usa.hp.com\n\nUser name: ssl098zc Password: (NOTE: Case sensitive) Secure12\n\nHP-UX Release\n HP-UX OpenSSL version\n\nB.11.11 (11i v1)\n A.00.09.08zc.001_HP-UX_B.11.11_32+64.depot\n\nB.11.23 (11i v2)\n A.00.09.08zc.002_HP-UX_B.11.23_IA-PA.depot\n\nB.11.31 (11i v3)\n A.00.09.08zc.003_HP-UX_B.11.31_IA-PA.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall OpenSSL A.00.09.08zc or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nThe update is available from HPE Software Depot: https://h20392.www2.hpe.com/\nportal/swdepot/displayProductInfo.do?productNumber=HPVPRhttps://www.hpe.com\n\nNote: HPE recommends customers using OV4VC 7.8.1 and earlier should upgrade\nto OV4VC 7.8.2. This addresses all SSL security vulnerabilities reported\nthrough March 28, 2016. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04496538\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04496538\nVersion: 1\n\nHPSBGN03164 rev.1 - HP IceWall SSO Dfw, SSO Certd and MCRP running OpenSSL,\nRemote Disclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2014-11-10\nLast Updated: 2014-11-10\n\nPotential Security Impact: Remote disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP IceWall SSO\nDfw , SSO Certd, and MCRP running OpenSSL. \n\nThis is the SSLv3 vulnerability known as \"Padding Oracle on Downgraded Legacy\nEncryption\" or \"Poodle\", which could be exploited remotely resulting in\ndisclosure of information.. \n\nReferences: CVE-2014-3566 (SSRT101789)\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - HP IceWall MCRP v2.1, v3.0\n - HP IceWall SSO Dfw v8.0, v8.0 R1, v8.0 R2, v8.0 R3, and v10.0\n - HP IceWall SSO Certd v8.0R3 with DB plugin patch 2 and v10.0\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP recommends the following software updates and workaround instructions to\nresolve this vulnerability for HP IceWall SSO Dfw, SSO Certd, and MCRP. \n\n The software updates are available at:\n\n http://www.hp.com/jp/icewall_patchaccess\n\n Notes:\n\n - There are no updates or mitigations for MCRP 2.1 and Dfw\n8.0/8.0R1/8.0R2/8.0R3. \n - HP recommends updating these older versions to the latest versions and\npatches and then following the WORKAROUND INSTRUCTIONS below. \n - The WORKAROUND INSTRUCTIONS should be followed after applying the\nfollowing updates. \n\n Software Update Versions\n\n HP IceWall MCRP 3.0 Patch release 1\n\n HP IceWall SSO Dfw 10.0 Patch release 7\n\n Note: Both software update versions provide the use of TLSv1 which is not\nvulnerable and available for each supported platform. \n\nWORKAROUND INSTRUCTIONS\n\n HP recommends the following information to protect against potential risk\nfor the following HP IceWall products. \n\n HP IceWall SSO Dfw and MCRP\n\n - If possible, do not use the SHOST setting which allows IceWall SSO\nDfw or MCRP to use SSL/TLS protocol to back-end web servers. \n\n - The following steps should be applied if SSL/TLS protocol to back-end\nweb servers must be used:\n\n o For MCRP: apply MCRP patch release 1\n o For Dfw: apply Dfw patch release 7 or later\n o Set SSL_PROTOCOL parameter to TLSv1\n\n HP IceWall SSO Certd\n\n - For Certd version 10.0 and 8.0R3: apply DB plugin patch release 2\n\n - If possible, do not use the LDAPSSL setting which allows IceWall SSO\nCertd to connect to the LDAP server using SSL/TLS protocol. \n\n - If SSL/TLS protocol must be used to LDAP server, configure the LDAP\nserver to use only TLSv1 as a mitigation for the vulnerability. For example,\non an OpenLDAP server (slapd), Set the TLSProtocolMin parameter. \n\nNote: The HP IceWall product is only available in Japan. \n\nHISTORY\nVersion:1 (rev.1) - 10 November 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\nHP SiteScope 11.1x\nHP SiteScope 11.2x\n\nImportant note: HP SiteScope is impacted if and only if it is configured to\nwork over secure channel (HTTPS). This protocol is now disabled by default. \n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.4.31-4+deb7u4. \n\nWe recommend that you upgrade your lighttpd packages",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3566"
},
{
"db": "BID",
"id": "70574"
},
{
"db": "VULHUB",
"id": "VHN-71506"
},
{
"db": "VULMON",
"id": "CVE-2014-3566"
},
{
"db": "PACKETSTORM",
"id": "169664"
},
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "132641"
},
{
"db": "PACKETSTORM",
"id": "129266"
},
{
"db": "PACKETSTORM",
"id": "129178"
},
{
"db": "PACKETSTORM",
"id": "130334"
},
{
"db": "PACKETSTORM",
"id": "128921"
},
{
"db": "PACKETSTORM",
"id": "136577"
},
{
"db": "PACKETSTORM",
"id": "129071"
},
{
"db": "PACKETSTORM",
"id": "129065"
},
{
"db": "PACKETSTORM",
"id": "135908"
}
],
"trust": 2.34
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-71506",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71506"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2014-3566",
"trust": 2.6
},
{
"db": "BID",
"id": "70574",
"trust": 1.4
},
{
"db": "ICS CERT",
"id": "ICSMA-18-058-02",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61130",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61995",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60792",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61019",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61316",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61827",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61782",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60056",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61810",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61819",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61825",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60206",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61303",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61359",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61345",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59627",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60859",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61926",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031120",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031106",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031124",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031091",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031095",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031088",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031093",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031105",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031094",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031087",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031090",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031107",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031132",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031085",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031039",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031096",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031131",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031029",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031123",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031086",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031130",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031092",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031089",
"trust": 1.1
},
{
"db": "USCERT",
"id": "TA14-290A",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10091",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10104",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10090",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#577193",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10705",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "128921",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "129065",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "129266",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132641",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "136577",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "130334",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "129071",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "135908",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "131009",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130184",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131051",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128838",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130217",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130296",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129150",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132084",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132573",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131354",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128969",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132469",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128669",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128866",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129265",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129217",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136599",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133640",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129263",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129614",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130759",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131011",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139063",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128863",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130332",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128730",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130298",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131690",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128770",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130125",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128732",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128733",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130816",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129528",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130052",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129294",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132470",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133836",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129242",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129401",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130304",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130549",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129427",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130085",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131008",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137652",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130046",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130086",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128769",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130141",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130181",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133368",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132942",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130070",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129318",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132965",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131790",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130818",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130817",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128771",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130050",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133600",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130072",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129120",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129426",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201410-267",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-92692",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-71506",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-3566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169664",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137294",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71506"
},
{
"db": "VULMON",
"id": "CVE-2014-3566"
},
{
"db": "BID",
"id": "70574"
},
{
"db": "PACKETSTORM",
"id": "169664"
},
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "132641"
},
{
"db": "PACKETSTORM",
"id": "129266"
},
{
"db": "PACKETSTORM",
"id": "129178"
},
{
"db": "PACKETSTORM",
"id": "130334"
},
{
"db": "PACKETSTORM",
"id": "128921"
},
{
"db": "PACKETSTORM",
"id": "136577"
},
{
"db": "PACKETSTORM",
"id": "129071"
},
{
"db": "PACKETSTORM",
"id": "129065"
},
{
"db": "PACKETSTORM",
"id": "135908"
},
{
"db": "NVD",
"id": "CVE-2014-3566"
}
]
},
"id": "VAR-201410-1418",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-71506"
}
],
"trust": 0.5931986333333333
},
"last_update_date": "2026-04-10T23:34:59.740000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Debian Security Advisories: DSA-3489-1 lighttpd -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=dcb828f6dad683ea0da76b6c62cde0ea"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03360 rev.5 - HP LaserJet Printers and MFPs, HP OfficeJet Printers and MFPs, and HP JetDirect Networking cards using OpenSSL, Remote Disclosure of Information",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=4545b8bd124b33fa1434a34c59003fd5"
},
{
"title": "HP: HPSBPI03360 rev.5 - HP LaserJet Printers and MFPs, HP OfficeJet Printers and MFPs, and HP JetDirect Networking cards using OpenSSL, Remote Disclosure of Information",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBPI03360"
},
{
"title": "Debian CVElist Bug Report Logs: Not possible to disable SSLv3",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=cd46735759deed658e1e15bd89794f91"
},
{
"title": "Amazon Linux AMI: ALAS-2014-426",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-426"
},
{
"title": "Red Hat: CVE-2014-3566",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-3566"
},
{
"title": "Amazon Linux AMI: ALAS-2014-429",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-429"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03360 rev.5 - HP LaserJet Printers and MFPs, HP OfficeJet Printers and MFPs, and HP JetDirect Networking cards using OpenSSL, Remote Disclosure of Information",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=9e10ca91834a4f14416f4e75e776c6b6"
},
{
"title": "Red Hat: Important: java-1.6.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150085 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.7.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150067 - Security Advisory"
},
{
"title": "Debian Security Advisories: DSA-3253-1 pound -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=ad76a2fc91623114f1aaa478b7ecbe12"
},
{
"title": "Red Hat: Important: java-1.7.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150068 - Security Advisory"
},
{
"title": "Red Hat: Important: java-1.8.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150069 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.7.0-oracle security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150079 - Security Advisory"
},
{
"title": "Red Hat: Important: java-1.6.0-sun security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150086 - Security Advisory"
},
{
"title": "Debian Security Advisories: DSA-3053-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=89bdef3607a7448566a930eca0e94cb3"
},
{
"title": "Symantec Security Advisories: SA83 : SSL v3 Poodle Attack",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=3703d1b5dc42da47d311d20afe00de22"
},
{
"title": "Red Hat: Critical: java-1.8.0-oracle security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150080 - Security Advisory"
},
{
"title": "Cisco: SSL-TLS Implementations Cipher Block Chaining Padding Information Disclosure Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=Cisco-SA-20141211-CVE-2014-8730"
},
{
"title": "Debian CVElist Bug Report Logs: asterisk: CVE-2014-9374",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=5ec9c01ff2551bc64f61573dcb290621"
},
{
"title": "Citrix Security Bulletins: CVE-2014-3566 - Citrix Security Advisory for SSLv3 Protocol Flaw",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=510bf83b7458a7704870eecdfadf5704"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2014-8418 CVE-2014-8412 CVE-2014-8414 CVE-2014-8417",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=ea75db152315222e9fc0490c8b65fb98"
},
{
"title": "Tenable Security Advisories: [R6] SSLv3 Protocol Vulnerability Affects Tenable Products (POODLE)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2014-09"
},
{
"title": "Ubuntu Security Notice: openjdk-7 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2487-1"
},
{
"title": "Debian Security Advisories: DSA-3144-1 openjdk-7 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=d750da8121d006282839ec576885794b"
},
{
"title": "Red Hat: Low: Red Hat Satellite IBM Java Runtime security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150264 - Security Advisory"
},
{
"title": "Debian Security Advisories: DSA-3147-1 openjdk-6 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=f0587b999035ec3e03b0795bc92b0a31"
},
{
"title": "Ubuntu Security Notice: openjdk-6 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2486-1"
},
{
"title": "Amazon Linux AMI: ALAS-2015-480",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-480"
},
{
"title": "Amazon Linux AMI: ALAS-2015-471",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-471"
},
{
"title": "Huawei Security Advisories: Huawei PSIRT: Technical Analysis Report Regarding Finite State Supply Chain Assessment",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=73885f997edba4cefdd6ba9030e87bdc"
},
{
"title": "mangy-beast",
"trust": 0.1,
"url": "https://github.com/ashmastaflash/mangy-beast "
},
{
"title": "BASH_froggPoodler",
"trust": 0.1,
"url": "https://github.com/FroggDev/BASH_froggPoodler "
},
{
"title": "lacework-kaholo-autoremediation",
"trust": 0.1,
"url": "https://github.com/automatecloud/lacework-kaholo-autoremediation "
},
{
"title": "bouncer",
"trust": 0.1,
"url": "https://github.com/ggrandes/bouncer "
},
{
"title": "voipnowpatches",
"trust": 0.1,
"url": "https://github.com/4psa/voipnowpatches "
},
{
"title": "ric13351",
"trust": 0.1,
"url": "https://github.com/bjayesh/ric13351 "
},
{
"title": "squeeze-lighttpd-poodle",
"trust": 0.1,
"url": "https://github.com/matjohns/squeeze-lighttpd-poodle "
},
{
"title": "poodle_check",
"trust": 0.1,
"url": "https://github.com/rameezts/poodle_check "
},
{
"title": "poodle_protector",
"trust": 0.1,
"url": "https://github.com/stdevel/poodle_protector "
},
{
"title": "bouncer",
"trust": 0.1,
"url": "https://github.com/TechPorter20/bouncer "
},
{
"title": "aws_poodle_fix",
"trust": 0.1,
"url": "https://github.com/rvaralda/aws_poodle_fix "
},
{
"title": "dnsmanagerpatches",
"trust": 0.1,
"url": "https://github.com/4psa/dnsmanagerpatches "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Wanderwille/13.01 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3566"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-310",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71506"
},
{
"db": "NVD",
"id": "CVE-2014-3566"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1876.html"
},
{
"trust": 1.2,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21688165"
},
{
"trust": 1.2,
"url": "https://www.openssl.org/news/secadv_20141015.txt"
},
{
"trust": 1.2,
"url": "https://www.openssl.org/~bodo/ssl-poodle.pdf"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031029"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031039"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031085"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031086"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031087"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031088"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031089"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031090"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031091"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031092"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031093"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031094"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031095"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031096"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031105"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031106"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031107"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031120"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031123"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031124"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031130"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031131"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031132"
},
{
"trust": 1.1,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20141015-poodle"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59627"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60056"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60206"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60792"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60859"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61019"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61130"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61303"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61316"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61345"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61359"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61782"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61810"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61819"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61825"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61827"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61926"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61995"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/70574"
},
{
"trust": 1.1,
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"trust": 1.1,
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/533724/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/533747"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/533746"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2015/jan/msg00003.html"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00002.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2014/dsa-3053"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3147"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3253"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3489"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-november/142330.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-october/141158.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-october/141114.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-october/169374.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-october/169361.html"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/201606-11"
},
{
"trust": 1.1,
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04583581"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:203"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.1,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2014-015.txt.asc"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1652.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1653.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1692.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1877.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1880.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1881.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1882.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1920.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1948.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0068.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0079.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0080.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0085.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0086.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0264.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0698.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1545.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1546.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html"
},
{
"trust": 1.1,
"url": "http://www.us-cert.gov/ncas/alerts/ta14-290a"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2486-1"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2487-1"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/577193"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3ccommits.cxf.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3ccommits.cxf.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3ccommits.cxf.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3ccommits.cxf.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3ccommits.cxf.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3ccommits.cxf.apache.org%3e"
},
{
"trust": 1.1,
"url": "http://advisories.mageia.org/mgasa-2014-0416.html"
},
{
"trust": 1.1,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc"
},
{
"trust": 1.1,
"url": "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566"
},
{
"trust": 1.1,
"url": "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html"
},
{
"trust": 1.1,
"url": "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/"
},
{
"trust": 1.1,
"url": "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx"
},
{
"trust": 1.1,
"url": "http://docs.ipswitch.com/moveit/dmz82/releasenotes/moveitreleasenotes82.pdf"
},
{
"trust": 1.1,
"url": "http://downloads.asterisk.org/pub/security/ast-2014-011.html"
},
{
"trust": 1.1,
"url": "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html"
},
{
"trust": 1.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04779034"
},
{
"trust": 1.1,
"url": "http://people.canonical.com/~ubuntu-security/cve/2014/cve-2014-3566.html"
},
{
"trust": 1.1,
"url": "http://support.apple.com/ht204244"
},
{
"trust": 1.1,
"url": "http://support.citrix.com/article/ctx200238"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021431"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021439"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687611"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/security/advisories/vmsa-2015-0003.html"
},
{
"trust": 1.1,
"url": "http://www.websense.com/support/article/kbarticle/vulnerabilities-resolved-in-triton-apx-version-8-0"
},
{
"trust": 1.1,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/articles/1232123"
},
{
"trust": 1.1,
"url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/"
},
{
"trust": 1.1,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6"
},
{
"trust": 1.1,
"url": "https://bto.bluecoat.com/security-advisory/sa83"
},
{
"trust": 1.1,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983"
},
{
"trust": 1.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152789"
},
{
"trust": 1.1,
"url": "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip"
},
{
"trust": 1.1,
"url": "https://github.com/mpgn/poodle-poc"
},
{
"trust": 1.1,
"url": "https://groups.google.com/forum/#%21topic/docker-user/oym0i3xshju"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04819635"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05068681"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05157667"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-058-02"
},
{
"trust": 1.1,
"url": "https://puppet.com/security/cve/poodle-sslv3-vulnerability"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20141015-0001/"
},
{
"trust": 1.1,
"url": "https://support.apple.com/ht205217"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6527"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6529"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6531"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6535"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6536"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6541"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6542"
},
{
"trust": 1.1,
"url": "https://support.citrix.com/article/ctx216642"
},
{
"trust": 1.1,
"url": "https://support.lenovo.com/product_security/poodle"
},
{
"trust": 1.1,
"url": "https://support.lenovo.com/us/en/product_security/poodle"
},
{
"trust": 1.1,
"url": "https://technet.microsoft.com/library/security/3009008.aspx"
},
{
"trust": 1.1,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7"
},
{
"trust": 1.1,
"url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html"
},
{
"trust": 1.1,
"url": "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html"
},
{
"trust": 1.1,
"url": "https://www.elastic.co/blog/logstash-1-4-3-released"
},
{
"trust": 1.1,
"url": "https://www.imperialviolet.org/2014/10/14/poodle.html"
},
{
"trust": 1.1,
"url": "https://www.suse.com/support/kb/doc.php?id=7015773"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141628688425177\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141697638231025\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143558192010071\u0026w=2"
},
{
"trust": 1.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10104"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"trust": 1.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10091"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141703183219781\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141577087123040\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141813976718456\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=openssl-dev\u0026m=141333049205629\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141450973807288\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141775427104070\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141715130023061\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=145983526810210\u0026w=2"
},
{
"trust": 1.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10090"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143558137709884\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143290583027876\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141694355519663\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141697676231104\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141577350823734\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144101915224472\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142624619906067"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144294141001552\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144251162130364\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141620103726640\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141450452204552\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142962817202793\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2"
},
{
"trust": 1.0,
"url": "https://templatelab.com/ssl-poodle/"
},
{
"trust": 1.0,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10705"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143628269912142\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143290371927178\u0026w=2"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.5,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3568"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0800"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2842"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141577350823734\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141576815022399\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141620103726640\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141697638231025\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141703183219781\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141697676231104\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141775427104070\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141814011518700\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141715130023061\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141813976718456\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142118135300698\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142296755107581\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142354438527235\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142350743917559\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142350196615714\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142350298616097\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142357976805598\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142962817202793\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143290371927178\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144294141001552\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=145983526810210\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141450973807288\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142721887231400\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142660345230545\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142804214608580\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141450452204552\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141628688425177\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141577087123040\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141694355519663\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141879378918327\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143290583027876\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143628269912142\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143039249603103\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142624619906067\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142495837901899\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143290522027658\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142624719706349\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143290437727362\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142624590206005\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142624679706236\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142740155824959\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142721830231196\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142791032306609\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144101915224472\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142103967620673\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143558137709884\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143558192010071\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142805027510172\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142546741516006\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144251162130364\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141477196830952\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143101048219218\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142496355704097\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142624619906067"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142607790919348\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=openssl-dev\u0026amp;m=141333049205629\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10705"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10090"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10091"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10104"
},
{
"trust": 0.1,
"url": "https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/swd/public"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0705"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5161"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1789"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1791"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0412"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0403"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0395"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0407"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0406"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0383"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6585"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0413"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6601"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6591"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6591"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6593"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0421"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0406"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0410"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3566"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0403"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0408"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0412"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0413"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0410"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0408"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0400"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0400"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0407"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0421"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0383"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0395"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facets"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6531"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6532"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6511"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6558"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6457"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3065"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6493"
},
{
"trust": 0.1,
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-4288"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6503"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4288"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6532"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6457"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6512"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6531"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3566"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6511"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3065"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6458"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6527"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6502"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6493"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6503"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6492"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6502"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6506"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6558"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6515"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6506"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6456"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6515"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6456"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6527"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6458"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6512"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://www.hpe.com"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hpe.com/"
},
{
"trust": 0.1,
"url": "http://www.hp.com/jp/icewall_patchaccess"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsea"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71506"
},
{
"db": "PACKETSTORM",
"id": "169664"
},
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "132641"
},
{
"db": "PACKETSTORM",
"id": "129266"
},
{
"db": "PACKETSTORM",
"id": "129178"
},
{
"db": "PACKETSTORM",
"id": "130334"
},
{
"db": "PACKETSTORM",
"id": "128921"
},
{
"db": "PACKETSTORM",
"id": "136577"
},
{
"db": "PACKETSTORM",
"id": "129071"
},
{
"db": "PACKETSTORM",
"id": "129065"
},
{
"db": "PACKETSTORM",
"id": "135908"
},
{
"db": "NVD",
"id": "CVE-2014-3566"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-71506",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2014-3566",
"ident": null
},
{
"db": "BID",
"id": "70574",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169664",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137294",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132641",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129266",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129178",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130334",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "128921",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136577",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129071",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129065",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135908",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2014-3566",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2014-10-15T00:00:00",
"db": "VULHUB",
"id": "VHN-71506",
"ident": null
},
{
"date": "2014-10-15T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3566",
"ident": null
},
{
"date": "2014-10-14T00:00:00",
"db": "BID",
"id": "70574",
"ident": null
},
{
"date": "2014-10-15T12:12:12",
"db": "PACKETSTORM",
"id": "169664",
"ident": null
},
{
"date": "2016-06-02T16:22:00",
"db": "PACKETSTORM",
"id": "137294",
"ident": null
},
{
"date": "2015-07-10T15:43:42",
"db": "PACKETSTORM",
"id": "132641",
"ident": null
},
{
"date": "2014-11-26T15:08:22",
"db": "PACKETSTORM",
"id": "129266",
"ident": null
},
{
"date": "2014-11-20T16:18:57",
"db": "PACKETSTORM",
"id": "129178",
"ident": null
},
{
"date": "2015-02-10T17:43:07",
"db": "PACKETSTORM",
"id": "130334",
"ident": null
},
{
"date": "2014-10-31T23:08:29",
"db": "PACKETSTORM",
"id": "128921",
"ident": null
},
{
"date": "2016-04-06T13:28:14",
"db": "PACKETSTORM",
"id": "136577",
"ident": null
},
{
"date": "2014-11-12T18:14:00",
"db": "PACKETSTORM",
"id": "129071",
"ident": null
},
{
"date": "2014-11-12T18:13:12",
"db": "PACKETSTORM",
"id": "129065",
"ident": null
},
{
"date": "2016-02-24T23:59:00",
"db": "PACKETSTORM",
"id": "135908",
"ident": null
},
{
"date": "2014-10-15T00:55:02.137000",
"db": "NVD",
"id": "CVE-2014-3566",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-71506",
"ident": null
},
{
"date": "2023-09-12T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3566",
"ident": null
},
{
"date": "2015-11-03T18:53:00",
"db": "BID",
"id": "70574",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-3566",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "70574"
}
],
"trust": 0.3
},
"title": {
"_id": null,
"data": "OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "70574"
}
],
"trust": 0.3
},
"type": {
"_id": null,
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "70574"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…