All the vulnerabilites related to ecos_sourceware - ecos
cve-2008-0960
Vulnerability from cvelistv5
Published
2008-06-10 18:00
Modified
2024-08-07 08:01
Severity ?
EPSS score ?
Summary
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:40.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1989089\u0026group_id=12694\u0026atid=456380"
},
{
"name": "35463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35463"
},
{
"name": "30615",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30615"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT2163"
},
{
"name": "ADV-2008-1787",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1787/references"
},
{
"name": "30648",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30648"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/CTAR-7FBS8Q"
},
{
"name": "32664",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32664"
},
{
"name": "ADV-2008-1981",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1981/references"
},
{
"name": "ADV-2008-1801",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1801/references"
},
{
"name": "SUSE-SA:2008:039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00000.html"
},
{
"name": "[productinfo] 20080611 Ingate Firewall and SIParator affected by SNMPv3 vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.ingate.com/pipermail/productinfo/2008/000021.html"
},
{
"name": "31351",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31351"
},
{
"name": "ADV-2008-1788",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1788/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-282.htm"
},
{
"name": "FEDORA-2008-5215",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00363.html"
},
{
"name": "29623",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29623"
},
{
"name": "31334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31334"
},
{
"name": "ADV-2008-2971",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2971"
},
{
"name": "oval:org.mitre.oval:def:10820",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10820"
},
{
"name": "oval:org.mitre.oval:def:6414",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6414"
},
{
"name": "30626",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30626"
},
{
"name": "SSRT080082",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
},
{
"name": "[oss-security] 20080609 [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/06/09/1"
},
{
"name": "HPSBMA02439",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"name": "VU#878044",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/878044"
},
{
"name": "30647",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30647"
},
{
"name": "238865",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238865-1"
},
{
"name": "20081031 VMSA-2008-0017 Updated ESX packages for libxml2, ucd-snmp, libtiff",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
},
{
"name": "ADV-2008-1836",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1836/references"
},
{
"name": "33003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33003"
},
{
"name": "20080610 SNMP Version 3 Authentication Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080610-snmpv3.shtml"
},
{
"name": "ADV-2008-2361",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2361"
},
{
"name": "31568",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31568"
},
{
"name": "31467",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31467"
},
{
"name": "APPLE-SA-2008-06-30",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"
},
{
"name": "DSA-1663",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1663"
},
{
"name": "TA08-162A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-162A.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS87"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ocert.org/advisories/ocert-2008-006.html"
},
{
"name": "RHSA-2008:0528",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2008-0528.html"
},
{
"name": "3933",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3933"
},
{
"name": "RHSA-2008:0529",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0529.html"
},
{
"name": "30612",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30612"
},
{
"name": "30802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30802"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=447974"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0013.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS5Z"
},
{
"name": "5790",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5790"
},
{
"name": "ADV-2008-1797",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1797/references"
},
{
"name": "GLSA-200808-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200808-02.xml"
},
{
"name": "20080609 [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/493218/100/0/threaded"
},
{
"name": "30665",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30665"
},
{
"name": "FEDORA-2008-5218",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00459.html"
},
{
"name": "FEDORA-2008-5224",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00380.html"
},
{
"name": "ADV-2008-1800",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1800/references"
},
{
"name": "MDVSA-2008:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:118"
},
{
"name": "USN-685-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-685-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/forum/forum.php?forum_id=833770"
},
{
"name": "1020218",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020218"
},
{
"name": "30596",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30596"
},
{
"name": "oval:org.mitre.oval:def:5785",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5785"
},
{
"name": "ADV-2009-1612",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1612"
},
{
"name": "30574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30574"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1989089\u0026group_id=12694\u0026atid=456380"
},
{
"name": "35463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35463"
},
{
"name": "30615",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30615"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT2163"
},
{
"name": "ADV-2008-1787",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1787/references"
},
{
"name": "30648",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30648"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/CTAR-7FBS8Q"
},
{
"name": "32664",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32664"
},
{
"name": "ADV-2008-1981",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1981/references"
},
{
"name": "ADV-2008-1801",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1801/references"
},
{
"name": "SUSE-SA:2008:039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00000.html"
},
{
"name": "[productinfo] 20080611 Ingate Firewall and SIParator affected by SNMPv3 vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.ingate.com/pipermail/productinfo/2008/000021.html"
},
{
"name": "31351",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31351"
},
{
"name": "ADV-2008-1788",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1788/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-282.htm"
},
{
"name": "FEDORA-2008-5215",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00363.html"
},
{
"name": "29623",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29623"
},
{
"name": "31334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31334"
},
{
"name": "ADV-2008-2971",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2971"
},
{
"name": "oval:org.mitre.oval:def:10820",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10820"
},
{
"name": "oval:org.mitre.oval:def:6414",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6414"
},
{
"name": "30626",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30626"
},
{
"name": "SSRT080082",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
},
{
"name": "[oss-security] 20080609 [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/06/09/1"
},
{
"name": "HPSBMA02439",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"name": "VU#878044",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/878044"
},
{
"name": "30647",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30647"
},
{
"name": "238865",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238865-1"
},
{
"name": "20081031 VMSA-2008-0017 Updated ESX packages for libxml2, ucd-snmp, libtiff",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
},
{
"name": "ADV-2008-1836",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1836/references"
},
{
"name": "33003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33003"
},
{
"name": "20080610 SNMP Version 3 Authentication Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080610-snmpv3.shtml"
},
{
"name": "ADV-2008-2361",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2361"
},
{
"name": "31568",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31568"
},
{
"name": "31467",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31467"
},
{
"name": "APPLE-SA-2008-06-30",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"
},
{
"name": "DSA-1663",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1663"
},
{
"name": "TA08-162A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-162A.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS87"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ocert.org/advisories/ocert-2008-006.html"
},
{
"name": "RHSA-2008:0528",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2008-0528.html"
},
{
"name": "3933",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3933"
},
{
"name": "RHSA-2008:0529",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0529.html"
},
{
"name": "30612",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30612"
},
{
"name": "30802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30802"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=447974"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0013.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS5Z"
},
{
"name": "5790",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5790"
},
{
"name": "ADV-2008-1797",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1797/references"
},
{
"name": "GLSA-200808-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200808-02.xml"
},
{
"name": "20080609 [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/493218/100/0/threaded"
},
{
"name": "30665",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30665"
},
{
"name": "FEDORA-2008-5218",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00459.html"
},
{
"name": "FEDORA-2008-5224",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00380.html"
},
{
"name": "ADV-2008-1800",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1800/references"
},
{
"name": "MDVSA-2008:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:118"
},
{
"name": "USN-685-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-685-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/forum/forum.php?forum_id=833770"
},
{
"name": "1020218",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020218"
},
{
"name": "30596",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30596"
},
{
"name": "oval:org.mitre.oval:def:5785",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5785"
},
{
"name": "ADV-2009-1612",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1612"
},
{
"name": "30574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30574"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2008-0960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1989089\u0026group_id=12694\u0026atid=456380",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1989089\u0026group_id=12694\u0026atid=456380"
},
{
"name": "35463",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35463"
},
{
"name": "30615",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30615"
},
{
"name": "http://support.apple.com/kb/HT2163",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT2163"
},
{
"name": "ADV-2008-1787",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1787/references"
},
{
"name": "30648",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30648"
},
{
"name": "http://www.kb.cert.org/vuls/id/CTAR-7FBS8Q",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/CTAR-7FBS8Q"
},
{
"name": "32664",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32664"
},
{
"name": "ADV-2008-1981",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1981/references"
},
{
"name": "ADV-2008-1801",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1801/references"
},
{
"name": "SUSE-SA:2008:039",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00000.html"
},
{
"name": "[productinfo] 20080611 Ingate Firewall and SIParator affected by SNMPv3 vulnerability",
"refsource": "MLIST",
"url": "http://lists.ingate.com/pipermail/productinfo/2008/000021.html"
},
{
"name": "31351",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31351"
},
{
"name": "ADV-2008-1788",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1788/references"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-282.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-282.htm"
},
{
"name": "FEDORA-2008-5215",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00363.html"
},
{
"name": "29623",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29623"
},
{
"name": "31334",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31334"
},
{
"name": "ADV-2008-2971",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2971"
},
{
"name": "oval:org.mitre.oval:def:10820",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10820"
},
{
"name": "oval:org.mitre.oval:def:6414",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6414"
},
{
"name": "30626",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30626"
},
{
"name": "SSRT080082",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html",
"refsource": "MISC",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
},
{
"name": "[oss-security] 20080609 [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/06/09/1"
},
{
"name": "HPSBMA02439",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"name": "VU#878044",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/878044"
},
{
"name": "30647",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30647"
},
{
"name": "238865",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238865-1"
},
{
"name": "20081031 VMSA-2008-0017 Updated ESX packages for libxml2, ucd-snmp, libtiff",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
},
{
"name": "ADV-2008-1836",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1836/references"
},
{
"name": "33003",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33003"
},
{
"name": "20080610 SNMP Version 3 Authentication Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080610-snmpv3.shtml"
},
{
"name": "ADV-2008-2361",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2361"
},
{
"name": "31568",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31568"
},
{
"name": "31467",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31467"
},
{
"name": "APPLE-SA-2008-06-30",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"
},
{
"name": "DSA-1663",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1663"
},
{
"name": "TA08-162A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-162A.html"
},
{
"name": "http://www.kb.cert.org/vuls/id/MIMG-7ETS87",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS87"
},
{
"name": "http://www.ocert.org/advisories/ocert-2008-006.html",
"refsource": "MISC",
"url": "http://www.ocert.org/advisories/ocert-2008-006.html"
},
{
"name": "RHSA-2008:0528",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0528.html"
},
{
"name": "3933",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3933"
},
{
"name": "RHSA-2008:0529",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0529.html"
},
{
"name": "30612",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30612"
},
{
"name": "30802",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30802"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=447974",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=447974"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0013.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0013.html"
},
{
"name": "http://www.kb.cert.org/vuls/id/MIMG-7ETS5Z",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS5Z"
},
{
"name": "5790",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5790"
},
{
"name": "ADV-2008-1797",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1797/references"
},
{
"name": "GLSA-200808-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200808-02.xml"
},
{
"name": "20080609 [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/493218/100/0/threaded"
},
{
"name": "30665",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30665"
},
{
"name": "FEDORA-2008-5218",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00459.html"
},
{
"name": "FEDORA-2008-5224",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00380.html"
},
{
"name": "ADV-2008-1800",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1800/references"
},
{
"name": "MDVSA-2008:118",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:118"
},
{
"name": "USN-685-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-685-1"
},
{
"name": "http://sourceforge.net/forum/forum.php?forum_id=833770",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/forum/forum.php?forum_id=833770"
},
{
"name": "1020218",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020218"
},
{
"name": "30596",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30596"
},
{
"name": "oval:org.mitre.oval:def:5785",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5785"
},
{
"name": "ADV-2009-1612",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1612"
},
{
"name": "30574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30574"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2008-0960",
"datePublished": "2008-06-10T18:00:00",
"dateReserved": "2008-02-25T00:00:00",
"dateUpdated": "2024-08-07T08:01:40.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2008-06-10 18:32
Modified
2024-11-21 00:43
Severity ?
Summary
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catos:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CAC7FBF-2493-42CA-9B23-20AF09F0DDA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:catos:7.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DE64E4C4-BACE-404F-966D-415976781DC4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:catos:7.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "377F951F-C2D8-441D-A532-F62E23937F94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:catos:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "34A3A284-36A9-4E8C-815D-6E2FE4C158DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.0:s:*:*:*:*:*:*",
"matchCriteriaId": "A5823F33-7FB3-465B-8017-1866D9EF3AA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.0:sy:*:*:*:*:*:*",
"matchCriteriaId": "94870E9E-C883-4051-8854-CDE0AE7A64B6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.1:e:*:*:*:*:*:*",
"matchCriteriaId": "85C2FF9C-7730-4DBF-8C86-1EF0F1E71D8C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:ewa:*:*:*:*:*:*",
"matchCriteriaId": "4A4AFC06-85C5-4AD0-A409-27F9AF398D7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:jk:*:*:*:*:*:*",
"matchCriteriaId": "EB593071-BB5A-47AD-B9C6-59D2010F6280",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:sb:*:*:*:*:*:*",
"matchCriteriaId": "74382B2D-E9A6-453D-9C07-F959EAB4C075",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:sg:*:*:*:*:*:*",
"matchCriteriaId": "B3D93383-BD5A-4052-B724-055F6FCFC314",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:sga:*:*:*:*:*:*",
"matchCriteriaId": "6B1E3C39-163D-4A99-AC96-2EE388305000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:sra:*:*:*:*:*:*",
"matchCriteriaId": "90710000-F963-4F36-9EE1-C3CE1CECDCA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:srb:*:*:*:*:*:*",
"matchCriteriaId": "5F4F8B9E-B2AB-4545-8ACF-8F03E636E842",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:src:*:*:*:*:*:*",
"matchCriteriaId": "6E2D6402-D2AF-4817-8A46-1FA9B17B720C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:sxb:*:*:*:*:*:*",
"matchCriteriaId": "79BB5494-735D-424B-8B41-2FAECE1A7AD4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:sxd:*:*:*:*:*:*",
"matchCriteriaId": "FD6178BC-9741-4FC1-87DA-A5407B3A4F40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:sxf:*:*:*:*:*:*",
"matchCriteriaId": "2A419BD7-6345-43D8-B69C-2255E2EF6FD7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:zl:*:*:*:*:*:*",
"matchCriteriaId": "B472DEEE-148A-46B4-BCBC-0A9F62F38B31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:zy:*:*:*:*:*:*",
"matchCriteriaId": "23305EBA-11D5-417E-823E-39D0D052839D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8A8D0F64-5DE1-4A6F-91F0-8A8509BF077F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:b:*:*:*:*:*:*",
"matchCriteriaId": "95418AD2-FB85-4E20-B874-D82DDF88BC91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:ja:*:*:*:*:*:*",
"matchCriteriaId": "14D1B81D-95E4-4945-94F2-C36FD7C0DC55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:jeb:*:*:*:*:*:*",
"matchCriteriaId": "452FF154-F6C0-4BC4-969E-1D49AA3CCE49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:jk:*:*:*:*:*:*",
"matchCriteriaId": "3AB6C57C-8805-443F-8ACE-83DAA48878CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:jl:*:*:*:*:*:*",
"matchCriteriaId": "554C9611-55F1-40AF-9862-7E902D5CE1D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:jx:*:*:*:*:*:*",
"matchCriteriaId": "F89C185A-D3B3-4F5F-9249-F8EE89E8DD04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:t:*:*:*:*:*:*",
"matchCriteriaId": "EEB0B55E-3579-4929-862F-C5FF9F796AE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:xa:*:*:*:*:*:*",
"matchCriteriaId": "8E8E34D3-0BCB-4D19-A41C-0375941E1B21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:xg:*:*:*:*:*:*",
"matchCriteriaId": "09CBD68E-2A5C-43DF-9AD6-DE07815821B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:xi:*:*:*:*:*:*",
"matchCriteriaId": "01393D91-ED1D-460D-8621-10260F0CBDD0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:xk:*:*:*:*:*:*",
"matchCriteriaId": "8AB2FF53-5991-4264-B5CC-D1E45460BFCE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:xr:*:*:*:*:*:*",
"matchCriteriaId": "1A1FAF42-B7B1-40B0-A0F7-5DF821E6193F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:yf:*:*:*:*:*:*",
"matchCriteriaId": "1BE94EA2-E0CC-4760-94A8-DE56C8181F74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:yi:*:*:*:*:*:*",
"matchCriteriaId": "929836AD-8128-4174-872D-B9638B54611C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:yt:*:*:*:*:*:*",
"matchCriteriaId": "5ED5B53D-930D-477E-A0F6-76167AE67641",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:yx:*:*:*:*:*:*",
"matchCriteriaId": "84983F6A-64F6-4720-9291-FC84CA10EE25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6A60117-E4D1-4741-98A2-E643A26616A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.4:t:*:*:*:*:*:*",
"matchCriteriaId": "156B91B9-1F5B-4E83-A2B7-A5B7F272D5B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.4:xa:*:*:*:*:*:*",
"matchCriteriaId": "C9E90E83-1732-4BEF-BC5B-401769DC8880",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.4:xc:*:*:*:*:*:*",
"matchCriteriaId": "51679B26-DF28-4E41-9801-E1599F250FFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.4:xd:*:*:*:*:*:*",
"matchCriteriaId": "E989900F-BE66-47E4-9A1B-11B9785F89BB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.4:xe:*:*:*:*:*:*",
"matchCriteriaId": "95A01B7E-8231-4001-A340-31CE66474FDA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.4:xj:*:*:*:*:*:*",
"matchCriteriaId": "3CC62D3B-A287-4DED-A44D-3351452D4A55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.4:xw:*:*:*:*:*:*",
"matchCriteriaId": "687E91FF-957E-449F-BDD6-85AA59E1E0D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79528F96-FD42-4A76-82EE-4B1324D53B5F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D626B494-6210-4F74-8D17-BA480B6665C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "82B6315D-7BEF-419F-9B93-3CF669E986D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "33CCFFC6-9D26-4C39-AF76-0B8FCDE743CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BC49F2-3DCB-45F0-9030-13F6415EE178",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FB31FAC-D720-4BF1-BFCC-0A9B714E292A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "904CA41E-8168-41DE-AE84-941962A7BB71",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D69F8FA-D58A-4F53-86D8-A20C73E9B299",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD331C50-DB93-4001-B56A-C1012F894CDF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "75538529-611A-43B5-AC4D-089C4E2E2ACC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F992D03D-1DB8-44C1-B59D-1C09A32A2C91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7A8BC298-4AF9-4281-9AD9-0D8F621E46B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F2FE436B-2117-4FB4-B550-8454848D1D58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:nx_os:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69D2BD63-C110-4E89-B239-4A59E20AB78E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:nx_os:4.0.1:a:*:*:*:*:*:*",
"matchCriteriaId": "43E5FFB6-861D-4F91-B3C9-C5E57DDD25C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:nx_os:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1BD3BD3D-767D-483D-9FFE-D23AA2E228E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ecos_sourceware:ecos:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6762126F-55E4-4963-99F5-206A46979E7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ecos_sourceware:ecos:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1945B97A-8276-4EE2-8F76-5F0C0956DF18",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ecos_sourceware:ecos:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8CA81F-2AB6-45F8-8AAE-BF6A7EDA73D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ecos_sourceware:ecos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F2452913-0513-46BB-A52E-8FA12D77B570",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ecos_sourceware:ecos:2.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "5D967624-23B1-48BB-91DB-1E1C18AAAD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18CCF3B9-CA7D-4D37-BD2C-1B74586B98A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A0AB8C2-EE95-48AA-98B7-B6ED40494A0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "77930529-89BE-463D-8259-3D67D153284A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "743DEB17-3BE3-4278-A54B-2CE547DB9F31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0DCAF8C2-0E4E-4474-BD1E-F28A6EAEF8F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D2BCA127-F5F3-418F-890D-6B1C03019590",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5A2C2F-ABF4-46B0-80AB-867B97AE5237",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BE83150C-456E-462A-A0F1-ED8EAD60D671",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BF5B2431-335C-461B-B07F-88267EA71DCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9DBA8E67-021A-4D07-94B9-943A8E1C4468",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "905D1F04-CDFD-4BAD-8939-5ABC70A874E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "00878E69-2721-43E3-A853-D3DCFE5C258D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C51799BB-D931-436C-8C94-558956AC880A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A1ACC549-B5AF-4F5C-A3FE-257AA6D80C7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D498D406-A453-4119-BBA1-4709CF5862AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8D68555E-BEB9-4F1E-8D6D-C313FB501523",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B44A0D4-3020-414B-81D7-679E8441E182",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:sun:solaris:10.0:unkown:x86:*:*:*:*:*",
"matchCriteriaId": "B76A8BD4-E53F-49A6-946B-6E672DD0419C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E75493D0-F060-4CBA-8AB0-C4FE8B2A8C9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ace_10_6504_bundle_with_4_gbps_throughput:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1C6B46B-13E2-4DA4-9EF2-007893034269",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ace_10_6509_bundle_with_8_gbps_throughput:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C501EB-CF9F-437D-A7C0-2A12F1D5E171",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ace_10_service_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "538FE81A-2FD9-4A7C-AEC7-8FCE98DADBE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ace_20_6504_bundle_with__4gbps_throughput:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15D3471D-6267-4481-8BBD-BFC106E8F30B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ace_20_6509_bundle_with_8gbps_throughput:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13FB3C8A-87D3-4601-BD97-2B9F9FA8CA47",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ace_20_service_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0292228-80D8-4BA4-8662-698D7003D7D0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ace_4710:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBFD21CF-CC38-477F-A78B-10CFEFF81E0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ace_xml_gateway:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "522C9080-86A6-40A8-905C-73187DAF83F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ace_xml_gateway:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1B7A18-F230-44D4-801E-8284085CA1DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9120:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E62CC4C-89A7-4594-BDD8-394211889220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9124:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E152F995-BCD2-4725-A47C-1A5E7D6B9005",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9134:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51E38404-ED69-4B0E-A035-2AF5E0649CC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9140:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A90F0A06-A634-4BD0-A477-90BD3384B7D0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "346E0D1B-CF9E-48BC-AE7A-F8CEF09F6741",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0123D2ED-3983-45D3-B54A-3E75FCE99C6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "66CA6C29-1DF1-46E3-BDCA-9ED72D3E6731",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E50E974E-87F5-45A2-88BA-B1E4913E3DAD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AB25CC-BB96-4675-98D7-C5FF30C24014",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7C95AD-3D5F-458B-A761-5D7779FEA327",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E9E4A3F6-5D89-47D0-84AD-601682399D8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C700A36D-5FB4-475D-BE85-74511830870A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "02060365-1D67-4611-8D79-B9FC354EBF99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "194BD880-F672-4492-8356-B14C8DA8C2DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1D769FC-3081-48F8-BBF1-3964F3F8B569",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A966DB26-8A52-4F4D-9C0E-8A8719A195AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6675DF0-963A-4091-9786-7CE3337EE47E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "77A94931-8584-4021-A5BB-83FF22D54955",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F06FB120-9BB3-4363-B2A2-A3475993FDFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8229DE3A-B9CB-44FF-8409-51E09DDED479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1AAD7A89-294A-45DA-B5F5-C69F7FCC4A5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2699E7A6-7B3A-4C4C-9472-B8B6B547624D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D913348F-351C-4D78-A0AA-27B355D52235",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E88A46-CEC7-46D5-9697-232E18531FD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5F16B8D0-81F5-4ECE-8276-EC30DDCCE1A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECFBAFE-9267-469A-A97F-F716969B247C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "48F839C7-7B33-4BF6-9ACF-76F32F5D7C72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1559E6-E7B6-4B5B-8841-CF502E05BA46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F041246F-5B7F-4F63-9E81-02465C9062C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB78013-DEE9-438E-ABD1-5E3D932177BB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D77447C3-AA72-4CAB-A0B1-0883D41AD064",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "473038C0-1644-4FF2-A1DA-BCB8A7CD1CA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3F04F-7581-4DCA-970D-9FCBB56EA724",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABF04A7-8230-4AB9-8D66-DF1463037823",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC205E36-7027-4A9B-8574-9BB9C68007A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69C55DD7-986A-4AB6-8F61-5A5D26531011",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "84DDD7E4-D5D7-4341-9482-2B918306578D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "14A3C59C-6A3D-477B-B425-1C085D6951E3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31AA57F4-5023-4333-9F19-C9D362E8E495",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "063034FF-0AB8-4D78-9822-0DCA9657C853",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "67477EC7-363E-45B5-BA53-1A4E9FB20CDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78E11F95-E635-465C-BD7F-5F7E9192DEAC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74F145F0-573E-4CBC-AB69-3B77D6F9A540",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49DA7D86-8845-43CA-80DC-3D794322CB28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD34FEB-7956-44AE-A510-2E5F9EF61651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DEF5098-3791-4CEB-A436-2809A4385D27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D895880-FB98-4472-A164-458CE086F339",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D7912AA3-0469-479E-9C5A-53F20E504956",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8677C6C8-39CA-492A-A196-9DFAF892120C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51FA6F2A-8444-4BB2-B7F2-B97AEFFF9E27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "60E46CAD-0032-4CD6-AA2A-871E1DFC3A35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "22CE55DE-00CA-4F87-9CA0-80A360E332FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "63DC81FA-A6B4-41DC-8097-8944D06A2451",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB87853E-CAFF-48D8-9C56-A2DE325235D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "61E35451-BEE3-412A-8706-5522C00BE1DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E599E0CE-CCB7-4A30-8AA9-45BBC11AFEC2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F45326B3-CC4E-4C3A-9819-28936A0432F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDBF1A78-7190-4326-84BD-C18CC354DA38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D97FFBA0-2E80-40EF-A4AC-F26D3490371E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A442F5B-5A1A-4CD0-B693-851FFB917E5D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "074BCB70-AD66-4141-9DD3-9DE73BDCB0F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "646BF70F-CB7B-48E3-8563-E089E1CECD11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1CD34A7B-508C-45F2-8725-FE42398D3652",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D2785732-A5C7-434E-B45D-13138B574F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "989A4E8A-F23D-4BF5-B860-FB7B04A1CE56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A07E1241-24BE-48D3-B737-56B2AAA3AF64",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EFB751FD-CCCA-4131-A24F-65DEF1128B26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:session_and_resource_control:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D106F4E4-4B41-4002-8C34-6A9C3A0FF640",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:session_and_resource_control:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "863583DC-DD93-46DC-BA06-0B838CDB2565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:src_pe:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D50E1B4-A64E-45D5-8A44-947DE7B8AAD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:src_pe:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ED5F1A8F-5ED9-4ED0-A336-A0E4A439E6F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte."
},
{
"lang": "es",
"value": "Una comprobaci\u00f3n SNMPv3 HMAC en (1) Net-SNMP versi\u00f3n 5.2.x anterior a 5.2.4.1, versi\u00f3n 5.3.x anterior a 5.3.2.1 y versi\u00f3n 5.4.x anterior a 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) C-series versi\u00f3n 1.0.0 hasta 2.0.0 de Juniper Session and Resource Control (SRC); (5) Data de NetApp (tambi\u00e9n se conoce como Network Appliance) ONTAP versiones 7.3RC1 y 7.3RC2; (6) SNMP Research versi\u00f3n anterior a 16.2; (7) m\u00faltiples productos Cisco IOS, CatOS, ACE y Nexus; (8) Ingate Firewall versi\u00f3n 3.1.0 y posterior y SIParator versi\u00f3n 3.1.0 y posterior; (9) HP OpenView SNMP Emanate Master Agent versi\u00f3n 15.x; y posiblemente otros productos dependen del cliente para especificar la longitud del HMAC, lo que facilita que los atacantes remotos omitan la autenticaci\u00f3n SNMP por medio de un valor de longitud de 1, que solo comprueba el primer byte."
}
],
"id": "CVE-2008-0960",
"lastModified": "2024-11-21T00:43:19.457",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-06-10T18:32:00.000",
"references": [
{
"source": "cret@cert.org",
"url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"
},
{
"source": "cret@cert.org",
"url": "http://lists.ingate.com/pipermail/productinfo/2008/000021.html"
},
{
"source": "cret@cert.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00000.html"
},
{
"source": "cret@cert.org",
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"source": "cret@cert.org",
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"source": "cret@cert.org",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0528.html"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30574"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30596"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/30612"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30615"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30626"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30647"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30648"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30665"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30802"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31334"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31351"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31467"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31568"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32664"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/33003"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/35463"
},
{
"source": "cret@cert.org",
"url": "http://security.gentoo.org/glsa/glsa-200808-02.xml"
},
{
"source": "cret@cert.org",
"url": "http://securityreason.com/securityalert/3933"
},
{
"source": "cret@cert.org",
"url": "http://sourceforge.net/forum/forum.php?forum_id=833770"
},
{
"source": "cret@cert.org",
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1989089\u0026group_id=12694\u0026atid=456380"
},
{
"source": "cret@cert.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238865-1"
},
{
"source": "cret@cert.org",
"url": "http://support.apple.com/kb/HT2163"
},
{
"source": "cret@cert.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-282.htm"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080610-snmpv3.shtml"
},
{
"source": "cret@cert.org",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2008/dsa-1663"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/878044"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/CTAR-7FBS8Q"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS5Z"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS87"
},
{
"source": "cret@cert.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:118"
},
{
"source": "cret@cert.org",
"url": "http://www.ocert.org/advisories/ocert-2008-006.html"
},
{
"source": "cret@cert.org",
"url": "http://www.openwall.com/lists/oss-security/2008/06/09/1"
},
{
"source": "cret@cert.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0529.html"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/archive/1/493218/100/0/threaded"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/29623"
},
{
"source": "cret@cert.org",
"url": "http://www.securitytracker.com/id?1020218"
},
{
"source": "cret@cert.org",
"url": "http://www.ubuntu.com/usn/usn-685-1"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-162A.html"
},
{
"source": "cret@cert.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0013.html"
},
{
"source": "cret@cert.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/1787/references"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/1788/references"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/1797/references"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/1800/references"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/1801/references"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/1836/references"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/1981/references"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/2361"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/2971"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2009/1612"
},
{
"source": "cret@cert.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=447974"
},
{
"source": "cret@cert.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10820"
},
{
"source": "cret@cert.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5785"
},
{
"source": "cret@cert.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6414"
},
{
"source": "cret@cert.org",
"url": "https://www.exploit-db.com/exploits/5790"
},
{
"source": "cret@cert.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00363.html"
},
{
"source": "cret@cert.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00380.html"
},
{
"source": "cret@cert.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00459.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.ingate.com/pipermail/productinfo/2008/000021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0528.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30615"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30626"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30647"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30648"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30665"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30802"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32664"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/33003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/35463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200808-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3933"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/forum/forum.php?forum_id=833770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1989089\u0026group_id=12694\u0026atid=456380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238865-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT2163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-282.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080610-snmpv3.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2008/dsa-1663"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/878044"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/CTAR-7FBS8Q"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS5Z"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS87"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ocert.org/advisories/ocert-2008-006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2008/06/09/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0529.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/493218/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/29623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-685-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-162A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1787/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1788/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1797/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1800/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1801/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1836/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1981/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2971"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=447974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10820"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/5790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00363.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00380.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00459.html"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}