Search criteria
1704 vulnerabilities found for sunos by sun
VAR-200506-0133
Vulnerability from variot - Updated: 2024-07-23 21:22Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. Included with many products Telnet Clients NEW-ENVIRON By command Telnet There is a problem that the environment variable information is illegally taken because the restriction of the environment variable sent to the server is inappropriate.By a third party IFRAME Tag and "TELNET://" Formal URI Etc., Web Malicious via page or email Telnet By enticing a target user to connect to a server, they may be able to obtain important information about the target system, such as the user's name, search path for executables, and locations of important data. still, Microsoft Windows 2000 Is not affected by this issue, Microsoft Windows Services for UNIX If you are using, you may be affected by this issue. Also some Linux Included with the distribution Kerberos Has been reported to be affected by this issue. Telnet clients provided by multiple vendors are prone to a remote information-disclosure vulnerability. Attackers can retrieve any information stored in the environment of clients using the affected telnet application.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: Microsoft Telnet Client Information Disclosure Weakness
SECUNIA ADVISORY ID: SA15690
VERIFY ADVISORY: http://secunia.com/advisories/15690/
CRITICAL: Not critical
IMPACT: Exposure of system information
WHERE:
From remote
OPERATING SYSTEM: Microsoft Windows XP Professional http://secunia.com/product/22/ Microsoft Windows XP Home Edition http://secunia.com/product/16/ Microsoft Windows Server 2003 Web Edition http://secunia.com/product/1176/ Microsoft Windows Server 2003 Datacenter Edition http://secunia.com/product/1175/ Microsoft Windows Server 2003 Standard Edition http://secunia.com/product/1173/ Microsoft Windows Server 2003 Enterprise Edition http://secunia.com/product/1174/
SOFTWARE: Microsoft Windows Services for UNIX 2.x http://secunia.com/product/5243/ Microsoft Windows Services for UNIX 3.x http://secunia.com/product/5244/
DESCRIPTION: Ga\xebl Delalleau has reported a weakness has been reported in Microsoft Windows, which can be exploited by malicious people to gain knowledge of various information.
Successful exploitation requires that a user e.g. visits a malicious web site or is tricked into clicking a specially crafted link.
SOLUTION: Apply patches.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200506-0133",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sunos",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "5.9"
},
{
"model": "telnet client",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "5.1.2600.2180"
},
{
"model": "kerberos 5",
"scope": "eq",
"trust": 1.0,
"vendor": "mit",
"version": "1.3.4"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.3.9"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.7"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.3.9"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.7"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "seam",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.0 (for solaris 7)"
},
{
"model": "seam",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.0.1 (for solaris 8)"
},
{
"model": "seam",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.0.2 (for solaris 9)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.6,
"vendor": "mit",
"version": "5-1.3.4"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "5.9"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "windows xp home sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "sunos x86",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.4"
},
{
"model": "seam",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "5.2"
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "4.2"
},
{
"model": "windows server enterprise edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "solaris 2.7 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "windows server enterprise edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "windows xp tablet pc edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "1.0"
},
{
"model": "linux mandrake amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.0"
},
{
"model": "windows xp professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "x64"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.2"
},
{
"model": "windows xp tablet pc edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.4"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "windows server enterprise edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "directory pro",
"scope": "eq",
"trust": 0.3,
"vendor": "cosmicperl",
"version": "10.0.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.3.6"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "mn100",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.3"
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.13"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "seam",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "windows xp 64-bit edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.03"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.0"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.12"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "windows server enterprise edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"model": "seam",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.3"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "windows server standard edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "windows server standard edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "windows xp media center edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "windows xp media center edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "3-dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "3.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "sunos x86",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.9"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "windows server datacenter edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux imap server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "windows server datacenter edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.7"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "sunos",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.8"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "5.0"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.11"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.2"
},
{
"model": "windows xp tablet pc edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "windows server enterprise edition itanium sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1x86"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "4.4"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.1"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux enterprise server for s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.8"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "3-dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.7"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.1"
},
{
"model": "windows server datacenter edition itanium sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "2.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.7"
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.2"
},
{
"model": "sunos",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.7"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.4"
},
{
"model": "propack sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "linux database server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "services for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2.2"
},
{
"model": "windows xp professional sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.3"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.4"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "services for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "4.4.1"
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "services for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "3.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "7.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.3"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "windows xp media center edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "linux office server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.11"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.3"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "services for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "3.5"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "windows xp professional sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp home sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "suse email server iii",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "services for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2.0"
},
{
"model": "windows xp 64-bit edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.12"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.1"
},
{
"model": "windows xp 64-bit edition version sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.4"
},
{
"model": "sunos x86",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.7"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "windows server datacenter edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "suse email server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "3.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "linux enterprise server for s/390",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.3"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "4.0"
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "linux connectivity server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "windows xp 64-bit edition version",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows server datacenter edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.0"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "5.3"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800829"
},
{
"db": "BID",
"id": "13940"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000380"
},
{
"db": "CNNVD",
"id": "CNNVD-200506-129"
},
{
"db": "NVD",
"id": "CVE-2005-0488"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:telnet_client:5.1.2600.2180:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0488"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ga\u0026euml;l Delalleau gael.delalleau+ moz@m4x.org",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200506-129"
}
],
"trust": 0.6
},
"cve": "CVE-2005-0488",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2005-0488",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-0488",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#800829",
"trust": 0.8,
"value": "0.17"
},
{
"author": "CNNVD",
"id": "CNNVD-200506-129",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800829"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000380"
},
{
"db": "CNNVD",
"id": "CNNVD-200506-129"
},
{
"db": "NVD",
"id": "CVE-2005-0488"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. Included with many products Telnet Clients NEW-ENVIRON By command Telnet There is a problem that the environment variable information is illegally taken because the restriction of the environment variable sent to the server is inappropriate.By a third party IFRAME Tag and \"TELNET://\" Formal URI Etc., Web Malicious via page or email Telnet By enticing a target user to connect to a server, they may be able to obtain important information about the target system, such as the user\u0027s name, search path for executables, and locations of important data. still, Microsoft Windows 2000 Is not affected by this issue, Microsoft Windows Services for UNIX If you are using, you may be affected by this issue. Also some Linux Included with the distribution Kerberos Has been reported to be affected by this issue. Telnet clients provided by multiple vendors are prone to a remote information-disclosure vulnerability. \nAttackers can retrieve any information stored in the environment of clients using the affected telnet application. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nMicrosoft Telnet Client Information Disclosure Weakness\n\nSECUNIA ADVISORY ID:\nSA15690\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15690/\n\nCRITICAL:\nNot critical\n\nIMPACT:\nExposure of system information\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nMicrosoft Windows XP Professional\nhttp://secunia.com/product/22/\nMicrosoft Windows XP Home Edition\nhttp://secunia.com/product/16/\nMicrosoft Windows Server 2003 Web Edition\nhttp://secunia.com/product/1176/\nMicrosoft Windows Server 2003 Datacenter Edition\nhttp://secunia.com/product/1175/\nMicrosoft Windows Server 2003 Standard Edition\nhttp://secunia.com/product/1173/\nMicrosoft Windows Server 2003 Enterprise Edition\nhttp://secunia.com/product/1174/\n\nSOFTWARE:\nMicrosoft Windows Services for UNIX 2.x\nhttp://secunia.com/product/5243/\nMicrosoft Windows Services for UNIX 3.x\nhttp://secunia.com/product/5244/\n\nDESCRIPTION:\nGa\\xebl Delalleau has reported a weakness has been reported in Microsoft\nWindows, which can be exploited by malicious people to gain knowledge\nof various information. \n\nSuccessful exploitation requires that a user e.g. visits a malicious\nweb site or is tricked into clicking a specially crafted link. \n\nSOLUTION:\nApply patches. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0488"
},
{
"db": "CERT/CC",
"id": "VU#800829"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000380"
},
{
"db": "BID",
"id": "13940"
},
{
"db": "PACKETSTORM",
"id": "37995"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-0488",
"trust": 3.5
},
{
"db": "CERT/CC",
"id": "VU#800829",
"trust": 3.2
},
{
"db": "BID",
"id": "13940",
"trust": 2.7
},
{
"db": "USCERT",
"id": "TA06-214A",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1014203",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "17135",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "21253",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-3101",
"trust": 1.6
},
{
"db": "BID",
"id": "19289",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "15690",
"trust": 0.9
},
{
"db": "USCERT",
"id": "SA06-214A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000380",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "TA06-214A",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "101665",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "57761",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "101671",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "57755",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:1139",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2005:504",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2005:562",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2006-08-01",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SR:2005:016",
"trust": 0.6
},
{
"db": "IDEFENSE",
"id": "20050614 MULTIPLE VENDOR TELNET CLIENT INFORMATION DISCLOSURE VULNERABILITY",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200506-129",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "37995",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800829"
},
{
"db": "BID",
"id": "13940"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000380"
},
{
"db": "PACKETSTORM",
"id": "37995"
},
{
"db": "CNNVD",
"id": "CNNVD-200506-129"
},
{
"db": "NVD",
"id": "CVE-2005-0488"
}
]
},
"id": "VAR-200506-0133",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4615448
},
"last_update_date": "2024-07-23T21:22:45.018000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Update 2006-004 Mac OS X 10.4.7 Client (PPC)",
"trust": 0.8,
"url": "http://www.apple.com/support/downloads/securityupdate2006004macosx1047clientppc.html"
},
{
"title": "Security Update 2006-004 (10.3.9 Client)",
"trust": 0.8,
"url": "http://www.apple.com/support/downloads/securityupdate20060041039client.html"
},
{
"title": "Security Update 2006-004 (10.3.9 Server)",
"trust": 0.8,
"url": "http://www.apple.com/support/downloads/securityupdate20060041039server.html"
},
{
"title": "Security Update 2006-004 Mac OS X 10.4.7 Client (Intel)",
"trust": 0.8,
"url": "http://www.apple.com/support/downloads/securityupdate2006004macosx1047clientintel.html"
},
{
"title": "Security Update 2006-004",
"trust": 0.8,
"url": "http://docs.info.apple.com/jarticle.html?artnum=304063-en"
},
{
"title": "Security Update 2006-004",
"trust": 0.8,
"url": "http://docs.info.apple.com/jarticle.html?artnum=304063"
},
{
"title": "krb5 (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/update/linux/list.php?errata_id=168"
},
{
"title": "telnet (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1087"
},
{
"title": "RHSA-2005:504",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2005-504.html"
},
{
"title": "RHSA-2005:562",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2005-562.html"
},
{
"title": "101665",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1"
},
{
"title": "101671",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1"
},
{
"title": "101665",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-3"
},
{
"title": "101671",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-3"
},
{
"title": "Security Update 2006-004 (10.3.9 Client)",
"trust": 0.8,
"url": "http://www.apple.com/jp/ftp-info/reference/securityupdate20060041039client.html"
},
{
"title": "Security Update 2006-004 (10.3.9 Server)",
"trust": 0.8,
"url": "http://www.apple.com/jp/ftp-info/reference/securityupdate20060041039server.html"
},
{
"title": "Security Update 2006-004 Mac OS X 10.4.7 Client (Intel)",
"trust": 0.8,
"url": "http://www.apple.com/jp/ftp-info/reference/securityupdate2006004macosx1047clientintel.html"
},
{
"title": "Security Update 2006-004 Mac OS X 10.4.7 Client (PPC)",
"trust": 0.8,
"url": "http://www.apple.com/jp/ftp-info/reference/securityupdate2006004macosx1047clientppc.html"
},
{
"title": "RHSA-2005:562",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-562j.html"
},
{
"title": "RHSA-2005:504",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-504j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000380"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0488"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/13940"
},
{
"trust": 2.4,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-214a.html"
},
{
"trust": 2.4,
"url": "http://www.kb.cert.org/vuls/id/800829"
},
{
"trust": 1.9,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1"
},
{
"trust": 1.9,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1"
},
{
"trust": 1.7,
"url": "http://idefense.com/application/poi/display?id=260\u0026type=vulnerabilities"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2005-504.html"
},
{
"trust": 1.6,
"url": "http://www.novell.com/linux/security/advisories/2005_16_sr.html"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/19289"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2005-562.html"
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1"
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/id?1014203"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/21253"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/17135"
},
{
"trust": 1.6,
"url": "http://lists.apple.com/archives/security-announce/2006//aug/msg00000.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3101"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11373"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1139"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15690/"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=260"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-0488"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-1205"
},
{
"trust": 0.8,
"url": "http://www.apps.ietf.org/rfc/rfc1572.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/archive/1/402230"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-0488"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-214a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-214a/"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-0488"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-214a.html"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/3101"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:1139"
},
{
"trust": 0.4,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-033.mspx"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2005-145_rhsa-2005-504.pdf"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2005-562.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2005-567.html"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/windowsserversystem/sfu/"
},
{
"trust": 0.3,
"url": "http://tech.f5.com/home/bigip/solutions/advisories/sol4616.html"
},
{
"trust": 0.3,
"url": "/archive/1/402230"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=32c4e286-2c4d-491a-9e05-4ca0b055d5dc"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1176/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/22/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=c6161d9e-1672-479e-8baf-754a64dfab47"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=7c3dd615-b82d-4520-9c3a-376283b01d5b"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1175/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5243/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=22095e78-a559-40ea-8b65-9c727f4e752f"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5244/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=b8ba775e-e9a7-47e9-81a9-a68a71b9faac"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1173/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=dcc6840f-e626-4266-a63a-cddec0ec44d6"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=b281550b-8fae-4ff3-9bb7-e4ba325779b9"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1174/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=8eaad650-54db-44bc-ac9b-fc8a50f5a3b5"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=c23a4e16-e228-4a80-a4cb-9dcef462b97a"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800829"
},
{
"db": "BID",
"id": "13940"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000380"
},
{
"db": "PACKETSTORM",
"id": "37995"
},
{
"db": "CNNVD",
"id": "CNNVD-200506-129"
},
{
"db": "NVD",
"id": "CVE-2005-0488"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#800829"
},
{
"db": "BID",
"id": "13940"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000380"
},
{
"db": "PACKETSTORM",
"id": "37995"
},
{
"db": "CNNVD",
"id": "CNNVD-200506-129"
},
{
"db": "NVD",
"id": "CVE-2005-0488"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-06-14T00:00:00",
"db": "CERT/CC",
"id": "VU#800829"
},
{
"date": "2005-06-14T00:00:00",
"db": "BID",
"id": "13940"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000380"
},
{
"date": "2005-06-16T05:01:37",
"db": "PACKETSTORM",
"id": "37995"
},
{
"date": "2005-04-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200506-129"
},
{
"date": "2005-06-14T04:00:00",
"db": "NVD",
"id": "CVE-2005-0488"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-07-28T00:00:00",
"db": "CERT/CC",
"id": "VU#800829"
},
{
"date": "2006-08-02T20:16:00",
"db": "BID",
"id": "13940"
},
{
"date": "2007-07-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000380"
},
{
"date": "2012-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200506-129"
},
{
"date": "2020-01-21T15:45:16.083000",
"db": "NVD",
"id": "CVE-2005-0488"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200506-129"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Telnet Client Information Disclosure Vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#800829"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access verification error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200506-129"
}
],
"trust": 0.6
}
}
VAR-200412-0902
Vulnerability from variot - Updated: 2024-07-23 20:51Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. Apple Terminal on Mac OS X fails to sanitize x-man-page URIs, allowing an attacker to execute arbitrary commands. LibTIFF Library TIFFFetchStripThing() Perform memory allocation in functions CheckMalloc() An integer overflow vulnerability exists due to a flaw in the validation of the value passed to the function.LibTIFF Arbitrary code may be executed with the execution authority of the application that uses the library
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0902",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "apple computer",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "7.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "10.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "8.0"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.5.7"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.7.0"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "9.0"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.6.0"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.5.5"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.7"
},
{
"model": "modular messaging message storage server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "icontrol service manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "1.3.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.6.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "call management system server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.7"
},
{
"model": "call management system server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "12.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 1.0,
"vendor": "sco",
"version": "7.1.4"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.4"
},
{
"model": "icontrol service manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "1.3.6"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "1.2.1"
},
{
"model": "propack",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.7"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "1.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.8"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.0"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.4"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "10.0"
},
{
"model": "mn100",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "*"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.6"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "*"
},
{
"model": "modular messaging message storage server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "icontrol service manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "1.3.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "mandrake linux corporate server",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "*"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "icontrol service manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "1.3"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.5.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.9"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.8"
},
{
"model": "integrated management",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "*"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.9"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "9.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.5.4"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.5.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.5"
},
{
"model": "call management system server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "cvlan",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "*"
},
{
"model": "call management system server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "call management system server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "13.0"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.5.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.3.9"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.3.9"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#356070"
},
{
"db": "CERT/CC",
"id": "VU#539110"
},
{
"db": "CERT/CC",
"id": "VU#706838"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000574"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-081"
},
{
"db": "NVD",
"id": "CVE-2004-1307"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:avaya:call_management_system_server:13.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:call_management_system_server:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:icontrol_service_manager:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:icontrol_service_manager:1.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:call_management_system_server:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:call_management_system_server:12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:interactive_response:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:intuity_audix_lx:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:integrated_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:interactive_response:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:interactive_response:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:call_management_system_server:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:cvlan:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:icontrol_service_manager:1.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:icontrol_service_manager:1.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sco:unixware:7.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:mn100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1307"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery credited to infamous41md[at]hotpop.com.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-081"
}
],
"trust": 0.6
},
"cve": "CVE-2004-1307",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2004-1307",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9737",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-1307",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#356070",
"trust": 0.8,
"value": "22.31"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#539110",
"trust": 0.8,
"value": "5.04"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#706838",
"trust": 0.8,
"value": "9.38"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-081",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9737",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#356070"
},
{
"db": "CERT/CC",
"id": "VU#539110"
},
{
"db": "CERT/CC",
"id": "VU#706838"
},
{
"db": "VULHUB",
"id": "VHN-9737"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000574"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-081"
},
{
"db": "NVD",
"id": "CVE-2004-1307"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. Apple Terminal on Mac OS X fails to sanitize x-man-page URIs, allowing an attacker to execute arbitrary commands. LibTIFF Library TIFFFetchStripThing() Perform memory allocation in functions CheckMalloc() An integer overflow vulnerability exists due to a flaw in the validation of the value passed to the function.LibTIFF Arbitrary code may be executed with the execution authority of the application that uses the library",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1307"
},
{
"db": "CERT/CC",
"id": "VU#356070"
},
{
"db": "CERT/CC",
"id": "VU#539110"
},
{
"db": "CERT/CC",
"id": "VU#706838"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000574"
},
{
"db": "VULHUB",
"id": "VHN-9737"
}
],
"trust": 3.87
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#539110",
"trust": 3.3
},
{
"db": "USCERT",
"id": "TA05-136A",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2004-1307",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "15227",
"trust": 2.4
},
{
"db": "OSVDB",
"id": "16084",
"trust": 0.8
},
{
"db": "BID",
"id": "13502",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#356070",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1012651",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "13607",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "16085",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1013887",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#706838",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000574",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200412-081",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA05-136A",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:11175",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "101677",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "201072",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2005-05-03",
"trust": 0.6
},
{
"db": "IDEFENSE",
"id": "20041221 LIBTIFF STRIPOFFSETS INTEGER OVERFLOW VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-9737",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#356070"
},
{
"db": "CERT/CC",
"id": "VU#539110"
},
{
"db": "CERT/CC",
"id": "VU#706838"
},
{
"db": "VULHUB",
"id": "VHN-9737"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000574"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-081"
},
{
"db": "NVD",
"id": "CVE-2004-1307"
}
]
},
"id": "VAR-200412-0902",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9737"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:51:12.187000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Update 2005-005",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=301528"
},
{
"title": "Security Update 2005-005",
"trust": 0.8,
"url": "http://docs.info.apple.com/jarticle.html?artnum=301528"
},
{
"title": "RHSA-2004:577",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2004-577.html"
},
{
"title": "101677",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"title": "RHSA-2004:577",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2004-577j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000574"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1307"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta05-136a.html"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/539110"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/15227/"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2005/may/msg00001.html"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"trust": 1.6,
"url": "http://docs.info.apple.com/article.html?artnum=301528"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=173\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11175"
},
{
"trust": 0.8,
"url": "http://remahl.se/david/vuln/011/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/13502/"
},
{
"trust": 0.8,
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=16084"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2004/dec/1012651.html"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=173\u0026type=vulnerabilities"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/13607/"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=240\u0026type=vulnerabilities"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.org/bid/13488"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/alerts/2005/may/1013887.html"
},
{
"trust": 0.8,
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=16085"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-1307"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2005/wr052001.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta05-136a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta05-136a/"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-1307"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:11175"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=173\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#356070"
},
{
"db": "CERT/CC",
"id": "VU#539110"
},
{
"db": "CERT/CC",
"id": "VU#706838"
},
{
"db": "VULHUB",
"id": "VHN-9737"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000574"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-081"
},
{
"db": "NVD",
"id": "CVE-2004-1307"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#356070"
},
{
"db": "CERT/CC",
"id": "VU#539110"
},
{
"db": "CERT/CC",
"id": "VU#706838"
},
{
"db": "VULHUB",
"id": "VHN-9737"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000574"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-081"
},
{
"db": "NVD",
"id": "CVE-2004-1307"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-05-06T00:00:00",
"db": "CERT/CC",
"id": "VU#356070"
},
{
"date": "2005-01-20T00:00:00",
"db": "CERT/CC",
"id": "VU#539110"
},
{
"date": "2005-05-16T00:00:00",
"db": "CERT/CC",
"id": "VU#706838"
},
{
"date": "2004-12-21T00:00:00",
"db": "VULHUB",
"id": "VHN-9737"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000574"
},
{
"date": "2004-12-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-081"
},
{
"date": "2004-12-21T05:00:00",
"db": "NVD",
"id": "CVE-2004-1307"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-05-16T00:00:00",
"db": "CERT/CC",
"id": "VU#356070"
},
{
"date": "2005-08-23T00:00:00",
"db": "CERT/CC",
"id": "VU#539110"
},
{
"date": "2005-05-24T00:00:00",
"db": "CERT/CC",
"id": "VU#706838"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-9737"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000574"
},
{
"date": "2009-02-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-081"
},
{
"date": "2018-10-30T16:26:22.763000",
"db": "NVD",
"id": "CVE-2004-1307"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-081"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Terminal fails to properly sanitize input for \"x-man-page\" URI",
"sources": [
{
"db": "CERT/CC",
"id": "VU#356070"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-081"
}
],
"trust": 0.6
}
}
VAR-200503-0010
Vulnerability from variot - Updated: 2024-07-23 19:39Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, aka a reoccurrence of the "Land" vulnerability (CVE-1999-0016). Microsoft Windows does not adequately validate IP options, allowing an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service. An attacker could take complete control of a vulnerable system. When a packet of this sort is received, an infinite loop is initiated and the affected system halts. This is known to affect Windows 95, Windows NT 4.0 up to SP3, Windows Server 2003, Windows XP SP2, Cisco IOS devices & Catalyst switches, and HP-UX up to 11.00. It is noted that on Windows Server 2003 and XP SP2, the TCP and IP checksums must be correct to trigger the issue. **Update: It is reported that Microsoft platforms are also prone to this vulnerability. The vendor reports that network routers may not route malformed TCP/IP packets used to exploit this issue. As a result, an attacker may have to discover a suitable route to a target computer, or reside on the target network segment itself before exploitation is possible.
Want a new IT Security job?
Vacant positions at Secunia: http://secunia.com/secunia_vacancies/
TITLE: Microsoft Exchange SMTP Service Extended Verb Request Buffer Overflow
SECUNIA ADVISORY ID: SA14920
VERIFY ADVISORY: http://secunia.com/advisories/14920/
CRITICAL: Highly critical
IMPACT: System access
WHERE:
From remote
SOFTWARE: Microsoft Exchange Server 2000 http://secunia.com/product/41/ Microsoft Exchange Server 2003 http://secunia.com/product/1828/
DESCRIPTION: ISS X-Force has reported a vulnerability in Microsoft Exchange Server, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error in the SMTP service within the handling of a certain extended verb request. This can be exploited to cause a heap-based buffer overflow by connecting to the SMTP service and issuing a specially crafted command.
Successful exploitation allows execution of arbitrary code with the privileges of the SMTP service (by default "Local System"). Instead, this requires permissions usually only granted to other Exchange servers in a domain.
SOLUTION: Apply patches.
Microsoft Exchange 2000 Server (requires SP3): http://www.microsoft.com/downloads/details.aspx?FamilyId=2A2AF17E-2E4A-4479-8AC9-B5544EA0BD66
Microsoft Exchange Server 2003: http://www.microsoft.com/downloads/details.aspx?FamilyId=97F409EB-C8D0-4C94-A67B-5945E26C9267
Microsoft Exchange Server 2003 (requires SP1): http://www.microsoft.com/downloads/details.aspx?FamilyId=35BCE74A-E84A-4035-BF18-196368F032CC
The following versions are not affected: * Microsoft Exchange Server 5.5 SP4 * Microsoft Exchange Server 5.0 SP2
PROVIDED AND/OR DISCOVERED BY: Mark Dowd and Ben Layer, ISS X-Force.
ORIGINAL ADVISORY: MS05-021 (KB894549): http://www.microsoft.com/technet/security/Bulletin/MS05-021.mspx
ISS X-Force: http://xforce.iss.net/xforce/alerts/id/193
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200503-0010",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "windows server 2003",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2003",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(itanium)"
},
{
"model": "windows server 2003",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(x64)"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(x64)"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "sp3"
},
{
"model": "windows xp home sp1",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.6,
"vendor": "bsdi",
"version": "2.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "10.01"
},
{
"model": "windows nt workstation sp3",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "netbsd",
"scope": "ne",
"trust": 0.6,
"vendor": "netbsd",
"version": "1.3.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "2.0.31"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.2.5"
},
{
"model": "ios aa",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "10.10"
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.2.6"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.6,
"vendor": "netbsd",
"version": "1.0"
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt enterprise server sp4",
"scope": "ne",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.6,
"vendor": "bsdi",
"version": "3.0"
},
{
"model": "windows server enterprise edition sp1 beta",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.0.34"
},
{
"model": "windows nt workstation sp2",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios f",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.2.4"
},
{
"model": "ios bt",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.0.12"
},
{
"model": "windows nt workstation sp4",
"scope": "ne",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server enterprise edition itanium",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "windows xp tablet pc edition sp1",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "ios ia",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "netbsd",
"scope": "ne",
"trust": 0.6,
"vendor": "netbsd",
"version": "1.3"
},
{
"model": "windows xp tablet pc edition",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.6,
"vendor": "bsdi",
"version": "3.1"
},
{
"model": "windows server enterprise edition sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.1.x"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.2"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.1"
},
{
"model": "windows xp 64-bit edition",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "10.3.16"
},
{
"model": "windows server enterprise edition itanium sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.0.38"
},
{
"model": "windows server standard edition sp1 beta",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.6,
"vendor": "novell",
"version": "4.1"
},
{
"model": "windows server standard edition sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.6,
"vendor": "bsdi",
"version": "2.0"
},
{
"model": "windows xp media center edition",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.0.36"
},
{
"model": "windows xp media center edition sp2",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt workstation",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "10.3"
},
{
"model": "ios bt",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.0.17"
},
{
"model": "windows server datacenter edition itanium",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.6,
"vendor": "freebsd",
"version": "3.x"
},
{
"model": "windows nt enterprise server sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server datacenter edition sp1 beta",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "windows nt enterprise server sp3",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.2.10"
},
{
"model": "windows nt terminal server sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.1.5"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.1.7"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.6,
"vendor": "bsdi",
"version": "2.0.1"
},
{
"model": "windows server web edition sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows nt enterprise server sp2",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows xp tablet pc edition sp2",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server enterprise edition itanium sp1 beta",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.2.3"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.6,
"vendor": "bsdi",
"version": "1.1"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.0.33"
},
{
"model": "windows nt terminal server sp3",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "open desktop",
"scope": "eq",
"trust": 0.6,
"vendor": "sco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.1.6.1"
},
{
"model": "ios ia",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.1.9"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "10.16"
},
{
"model": "netbsd",
"scope": "ne",
"trust": 0.6,
"vendor": "netbsd",
"version": "1.3.2"
},
{
"model": "ios aa",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.1.7"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.0.17"
},
{
"model": "windows server datacenter edition itanium sp1 beta",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "windows nt enterprise server",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows nt terminal server",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "9.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.6,
"vendor": "sco",
"version": "2.1"
},
{
"model": "windows xp professional sp1",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.2.2"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.2.4"
},
{
"model": "ios a",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "10.3.19"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.6,
"vendor": "netbsd",
"version": "1.1"
},
{
"model": "ios f1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.2.4"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.0.35"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "11.0"
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "cmw+",
"scope": "eq",
"trust": 0.6,
"vendor": "sco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.2"
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.6,
"vendor": "bsdi",
"version": "4.0"
},
{
"model": "windows server web edition",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.1"
},
{
"model": "ios ca",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "windows xp media center edition sp1",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "ios/700",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "2.0.30"
},
{
"model": "sunos",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "4.1.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "11.1"
},
{
"model": "windows nt server sp3",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "95"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.2.10"
},
{
"model": "catalyst supervisor software",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "29xx2.4.401"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.0.37"
},
{
"model": "sunos u1",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "4.1.3"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "3.5.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "10.0"
},
{
"model": "atm switch",
"scope": "eq",
"trust": 0.6,
"vendor": "marconi",
"version": "6.1.1"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.6,
"vendor": "linux",
"version": "2.0.32"
},
{
"model": "windows nt server sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp4",
"scope": "ne",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows xp professional sp2",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp home sp2",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "catalyst supervisor software",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "29xx2.1.1102"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.6,
"vendor": "netbsd",
"version": "1.2.1"
},
{
"model": "windows xp 64-bit edition sp1",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "open server",
"scope": "eq",
"trust": 0.6,
"vendor": "sco",
"version": "5.0"
},
{
"model": "windows xp 64-bit edition version sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.2.8"
},
{
"model": "windows nt workstation sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp2",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios p",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.2.9"
},
{
"model": "atm switch",
"scope": "eq",
"trust": 0.6,
"vendor": "marconi",
"version": "7.0.1"
},
{
"model": "windows server datacenter edition sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.2.4"
},
{
"model": "windows nt server sp4",
"scope": "ne",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.1.6"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "10.20"
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.6,
"vendor": "bsdi",
"version": "4.0.1"
},
{
"model": "windows xp 64-bit edition version",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios ca",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.1.7"
},
{
"model": "windows server datacenter edition itanium sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.6,
"vendor": "netbsd",
"version": "1.2"
},
{
"model": "windows nt terminal server sp2",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.6,
"vendor": "freebsd",
"version": "2.1x"
},
{
"model": "windows server web edition sp1 beta",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "10.30"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "sp2"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "windows xp professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "x64"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "0"
},
{
"model": "windows xp embedded sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp embedded",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "windows xp gold",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "0"
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "windows nt sp5",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt sp3 alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt sp6",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "BID",
"id": "13658"
},
{
"db": "BID",
"id": "2666"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000167"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-048"
},
{
"db": "NVD",
"id": "CVE-2005-0688"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0688"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dejan Levaja dejan@levaja.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200503-048"
}
],
"trust": 0.6
},
"cve": "CVE-2005-0688",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2005-0688",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-0688",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#396645",
"trust": 0.8,
"value": "12.15"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#233754",
"trust": 0.8,
"value": "12.29"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#275193",
"trust": 0.8,
"value": "36.15"
},
{
"author": "CNNVD",
"id": "CNNVD-200503-048",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000167"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-048"
},
{
"db": "NVD",
"id": "CVE-2005-0688"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, aka a reoccurrence of the \"Land\" vulnerability (CVE-1999-0016). Microsoft Windows does not adequately validate IP options, allowing an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service. An attacker could take complete control of a vulnerable system. When a packet of this sort is received, an infinite loop is initiated and the affected system halts. This is known to affect Windows 95, Windows NT 4.0 up to SP3, Windows Server 2003, Windows XP SP2, Cisco IOS devices \u0026amp; Catalyst switches, and HP-UX up to 11.00. \nIt is noted that on Windows Server 2003 and XP SP2, the TCP and IP checksums must be correct to trigger the issue. \n**Update: It is reported that Microsoft platforms are also prone to this vulnerability. The vendor reports that network routers may not route malformed TCP/IP packets used to exploit this issue. As a result, an attacker may have to discover a suitable route to a target computer, or reside on the target network segment itself before exploitation is possible. \n----------------------------------------------------------------------\n\nWant a new IT Security job?\n\nVacant positions at Secunia:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nMicrosoft Exchange SMTP Service Extended Verb Request Buffer Overflow\n\nSECUNIA ADVISORY ID:\nSA14920\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/14920/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nMicrosoft Exchange Server 2000\nhttp://secunia.com/product/41/\nMicrosoft Exchange Server 2003\nhttp://secunia.com/product/1828/\n\nDESCRIPTION:\nISS X-Force has reported a vulnerability in Microsoft Exchange\nServer, which can be exploited by malicious people to compromise a\nvulnerable system. \n\nThe vulnerability is caused due to a boundary error in the SMTP\nservice within the handling of a certain extended verb request. This\ncan be exploited to cause a heap-based buffer overflow by connecting\nto the SMTP service and issuing a specially crafted command. \n\nSuccessful exploitation allows execution of arbitrary code with the\nprivileges of the SMTP service (by default \"Local System\"). Instead, this requires permissions\nusually only granted to other Exchange servers in a domain. \n\nSOLUTION:\nApply patches. \n\nMicrosoft Exchange 2000 Server (requires SP3):\nhttp://www.microsoft.com/downloads/details.aspx?FamilyId=2A2AF17E-2E4A-4479-8AC9-B5544EA0BD66\n\nMicrosoft Exchange Server 2003:\nhttp://www.microsoft.com/downloads/details.aspx?FamilyId=97F409EB-C8D0-4C94-A67B-5945E26C9267\n\nMicrosoft Exchange Server 2003 (requires SP1):\nhttp://www.microsoft.com/downloads/details.aspx?FamilyId=35BCE74A-E84A-4035-BF18-196368F032CC\n\nThe following versions are not affected:\n* Microsoft Exchange Server 5.5 SP4\n* Microsoft Exchange Server 5.0 SP2\n\nPROVIDED AND/OR DISCOVERED BY:\nMark Dowd and Ben Layer, ISS X-Force. \n\nORIGINAL ADVISORY:\nMS05-021 (KB894549):\nhttp://www.microsoft.com/technet/security/Bulletin/MS05-021.mspx\n\nISS X-Force:\nhttp://xforce.iss.net/xforce/alerts/id/193\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0688"
},
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000167"
},
{
"db": "BID",
"id": "13658"
},
{
"db": "BID",
"id": "2666"
},
{
"db": "PACKETSTORM",
"id": "37141"
}
],
"trust": 4.41
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-0688",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "14512",
"trust": 2.4
},
{
"db": "USCERT",
"id": "TA05-102A",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22341",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-3983",
"trust": 1.6
},
{
"db": "BID",
"id": "2666",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "14920",
"trust": 0.9
},
{
"db": "OSVDB",
"id": "14578",
"trust": 0.8
},
{
"db": "XF",
"id": "19593",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#396645",
"trust": 0.8
},
{
"db": "BID",
"id": "13116",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1013686",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#233754",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "15467",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#275193",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000167",
"trust": 0.8
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:4978",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:1288",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:482",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:1685",
"trust": 0.6
},
{
"db": "MS",
"id": "MS06-064",
"trust": 0.6
},
{
"db": "MS",
"id": "MS05-019",
"trust": 0.6
},
{
"db": "HP",
"id": "SSRT061264",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20050305 WINDOWS SERVER 2003 AND XP SP2 LAND ATTACK VULNERABILITY",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200503-048",
"trust": 0.6
},
{
"db": "BID",
"id": "13658",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "37141",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "BID",
"id": "13658"
},
{
"db": "BID",
"id": "2666"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000167"
},
{
"db": "PACKETSTORM",
"id": "37141"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-048"
},
{
"db": "NVD",
"id": "CVE-2005-0688"
}
]
},
"id": "VAR-200503-0010",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.33667661
},
"last_update_date": "2024-07-23T19:39:25.692000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MS06-064",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx"
},
{
"title": "MS05-019",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx"
},
{
"title": "MS05-019",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms05-019.mspx"
},
{
"title": "MS06-064",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms06-064.mspx"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000167"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0688"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/14512/"
},
{
"trust": 1.6,
"url": "http://www.us-cert.gov/cas/techalerts/ta05-102a.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22341"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=111005099504081\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3983"
},
{
"trust": 1.0,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019"
},
{
"trust": 1.0,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1288"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1685"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a482"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4978"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/xforce/alerts/id/193"
},
{
"trust": 0.9,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-021.mspx"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/14920/"
},
{
"trust": 0.9,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/14512"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2666 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/19593"
},
{
"trust": 0.8,
"url": "http://osvdb.org/displayvuln.php?osvdb_id=14578"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/alerts/id/192"
},
{
"trust": 0.8,
"url": "http://www.iana.org/assignments/ip-parameters"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/13116/"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/apr/1013686.html"
},
{
"trust": 0.8,
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=15467"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-0688"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20050413-ms05-019.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2005/wr051601.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta05-102a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta05-102a/"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-0688"
},
{
"trust": 0.8,
"url": "http://www.securiteam.com/windowsntfocus/5pp0720f5u.html"
},
{
"trust": 0.6,
"url": "http://support.microsoft.com/support/kb/articles/q165/0/05.asp"
},
{
"trust": 0.6,
"url": "http://support.microsoft.com/support/kb/articles/q177/5/39.asp"
},
{
"trust": 0.6,
"url": "http://support.novell.com/cgi-bin/search/tidfinder.cgi?2932511"
},
{
"trust": 0.6,
"url": "http://www.cisco.com/warp/public/770/land-pub.shtml#iosvers"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/392354"
},
{
"trust": 0.6,
"url": "/archive/1/392642"
},
{
"trust": 0.6,
"url": "/archive/1/393045"
},
{
"trust": 0.6,
"url": "/archive/1/392354"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=111005099504081\u0026w=2"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/449179/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/3983"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:4978"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:482"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:1685"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:1288"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-217.htm"
},
{
"trust": 0.3,
"url": "/archive/1/400188"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=35bce74a-e84a-4035-bf18-196368f032cc"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=2a2af17e-2e4a-4479-8ac9-b5544ea0bd66"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/41/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=97f409eb-c8d0-4c94-a67b-5945e26c9267"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1828/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "BID",
"id": "13658"
},
{
"db": "BID",
"id": "2666"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000167"
},
{
"db": "PACKETSTORM",
"id": "37141"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-048"
},
{
"db": "NVD",
"id": "CVE-2005-0688"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "BID",
"id": "13658"
},
{
"db": "BID",
"id": "2666"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000167"
},
{
"db": "PACKETSTORM",
"id": "37141"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-048"
},
{
"db": "NVD",
"id": "CVE-2005-0688"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-04-13T00:00:00",
"db": "CERT/CC",
"id": "VU#396645"
},
{
"date": "2005-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#233754"
},
{
"date": "2005-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#275193"
},
{
"date": "2005-05-17T00:00:00",
"db": "BID",
"id": "13658"
},
{
"date": "1997-11-20T00:00:00",
"db": "BID",
"id": "2666"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000167"
},
{
"date": "2005-04-18T07:20:47",
"db": "PACKETSTORM",
"id": "37141"
},
{
"date": "1997-11-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200503-048"
},
{
"date": "2005-03-05T05:00:00",
"db": "NVD",
"id": "CVE-2005-0688"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-04-13T00:00:00",
"db": "CERT/CC",
"id": "VU#396645"
},
{
"date": "2005-05-03T00:00:00",
"db": "CERT/CC",
"id": "VU#233754"
},
{
"date": "2005-08-02T00:00:00",
"db": "CERT/CC",
"id": "VU#275193"
},
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "13658"
},
{
"date": "2009-07-11T06:06:00",
"db": "BID",
"id": "2666"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000167"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200503-048"
},
{
"date": "2018-10-19T15:31:16.513000",
"db": "NVD",
"id": "CVE-2005-0688"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "13658"
},
{
"db": "BID",
"id": "2666"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Windows vulnerable to DoS via LAND attack",
"sources": [
{
"db": "CERT/CC",
"id": "VU#396645"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "13658"
},
{
"db": "BID",
"id": "2666"
}
],
"trust": 0.6
}
}
VAR-200310-0072
Vulnerability from variot - Updated: 2024-07-23 19:31The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. sendmail A buffer overflow vulnerability was discovered in the email address parsing process. This vulnerability CERT Advisory CA-2003-07, CA-2003-12 This is a new vulnerability that differs from the vulnerability reported in. As for the vulnerability, there is a possibility that a third party may obtain administrator authority from a remote location. This problem, sendmail Occurs by receiving a message with a maliciously configured email address. For this reason, LAN Is running on a host sendmail Even other MTA (Mail Transfer Agent) If you receive a malicious message relayed from, you may be affected by the vulnerability.Service operation interruption (denial-of-service, DoS) An attacker or a remote third party may gain administrative privileges. This issue is different than the vulnerability described in BID 7230. Sendmail is one of the most popular mail transfer agents (MTAs) on the Internet. The local exploitation method on Linux can use recipient.c and sendtolist() to overwrite the pointer with the data submitted by the user. When calling the free() function, the command may be redirected, and the attacker can construct a malicious email message and submit it to Sendmail for analysis. Execute arbitrary commands on the system with Sendmail process privileges. There may also be other exploit methods, and it is also possible to exploit this vulnerability remotely
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200310-0072",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.6"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.5.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.5.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "aix",
"scope": "eq",
"trust": 2.1,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 2.1,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "6.0"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "6.5"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "6.1"
},
{
"model": "advanced server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "6.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.8,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.8,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.8,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.6"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.3,
"vendor": "sgi",
"version": "6.5.16"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.3,
"vendor": "sgi",
"version": "6.5.15"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.4.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.3.3"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "0.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "0.5"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk5_bl23"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk3_bl3"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.0.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.3"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f_pk6_bl17"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk2_bl2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "3.0"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0g_pk4_bl22"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1b_pk2_bl22"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "1.2"
},
{
"model": "pro",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk5_bl19"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f_pk7_bl18"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk4_bl18"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.00"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f_pk8_bl22"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1b_pk1_bl1"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.19m"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.18f"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.3"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.18m"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.17m"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "9.0"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.4"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0g_pk3_bl17"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "1.1a"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "8.0"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.5"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "1.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.17f"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.19f"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.6"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.7"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.3"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk1_bl1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0g"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1b"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.8.8"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk4_bl21"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk6_bl20"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.4"
},
{
"model": "pro",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.21f"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.5"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.5"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk3_bl17"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.9"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.21m"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.20f"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.20m"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.7"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm eserver",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "secure computing",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sendmail",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the sendmail consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turbolinux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wirex",
"version": null
},
{
"model": "cobalt raq4",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "openlinux",
"scope": "eq",
"trust": 0.8,
"vendor": "sco",
"version": "3.1.1 (server)"
},
{
"model": "open unix",
"scope": "eq",
"trust": 0.8,
"vendor": "sco",
"version": "8.0.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "3.0.x (solaris"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "linux"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "aix"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.0"
},
{
"model": "systemwalker it budgetmgr",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "aix edition )"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "8.0"
},
{
"model": "for nt",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.6.x"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"model": "systemwalker listcreator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.8,
"vendor": "openbsd",
"version": "3.3"
},
{
"model": "sendmail",
"scope": "lte",
"trust": 0.8,
"vendor": "sendmail consortium",
"version": "8.12.9 and earlier"
},
{
"model": "for nt",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "version 3.0.x"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.8,
"vendor": "sco",
"version": "7.1.1"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.2.xj (windows nt/2000 edition )"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.5"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.2.x (solaris"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.1"
},
{
"model": "openbsd",
"scope": "lt",
"trust": 0.8,
"vendor": "openbsd",
"version": "version"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "linux"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "aix edition )"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "windows nt/2000"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "1.3 (windows 2000 edition )"
},
{
"model": "teamware office",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.8,
"vendor": "sgi",
"version": "6.5 (6.5.15 - 6.5.21f)"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.1.x (solaris"
},
{
"model": "openlinux",
"scope": "eq",
"trust": 0.8,
"vendor": "sco",
"version": "3.1.1 (workstation)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "3.1.x (solaris"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.8,
"vendor": "fore tune",
"version": "5.0"
},
{
"model": "cobalt qube3",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "interstage office square",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.8,
"vendor": "openbsd",
"version": "3.2"
},
{
"model": "gnu/linux",
"scope": "eq",
"trust": 0.8,
"vendor": "debian",
"version": "3.0"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.1.x (hp-ux edition )"
},
{
"model": "freebsd",
"scope": "lt",
"trust": 0.8,
"vendor": "freebsd",
"version": "version"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.8,
"vendor": "sco",
"version": "7.1.3"
},
{
"model": "cobalt raqxtr",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "linux 5.0",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "turbolinux advanced server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.04"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.8,
"vendor": "fore tune",
"version": "4.3.1"
},
{
"model": "gnu/linux",
"scope": "lt",
"trust": 0.8,
"vendor": "debian",
"version": "version"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "systemwalker listworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.0.x (solaris"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "s390 linux edition )"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "1.2 (solaris"
},
{
"model": "systemwalker ip netmgr",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "s390 linux edition )"
},
{
"model": "cobalt raq550",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "aix"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 2.6 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.0.7"
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "550"
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.18"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.18"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.17"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.17"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "inc sendmail pro",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "inc sendmail pro",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "inc sendmail advanced message server",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "1.3"
},
{
"model": "inc sendmail advanced message server",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "1.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.9"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.7"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.5"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.4"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.1"
},
{
"model": "consortium sendmail beta7",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta16",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta12",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta10",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.5"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.4"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.8.8"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.6"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5x86"
},
{
"model": "sh3",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.04"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "linux rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "linux rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "linux rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "linux a",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.0"
},
{
"model": "tru64 b pk2",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 b pk1",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 b",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a pk5",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a pk2",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a pk1",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 pk6",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 pk5",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 g pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 g pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 g",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 f pk8",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 f pk7",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 f pk6",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 f",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.22"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.14"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.13"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.12"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.11"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.10"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.9"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.8"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.7"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.6"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.1"
},
{
"model": "consortium sendmail",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#784980"
},
{
"db": "BID",
"id": "8641"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sendmail:advanced_message_server:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta16:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:advanced_message_server:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_pro:8.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.20f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.20m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.8.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.17f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.17m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.21f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.21m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_pro:8.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.19f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.19m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.18f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.18m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0g_pk4_bl22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk3_bl3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk4_bl21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.3:release_p38:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.3:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.7:release_p17:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.7:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_server:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_server:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f_pk6_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk4_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk5_bl19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk5_bl23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.4:release_p42:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.4:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.8:release_p6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.9:pre-release:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5:*:sh3:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0g_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk1_bl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk2_bl2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.0:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.0:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.6:release_p20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.6:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:5.1:release_p5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_advanced_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f_pk7_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f_pk8_bl22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk6_bl20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1b_pk1_bl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1b_pk2_bl22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.5:release_p32:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.5:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:5.0:release_p14:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:5.0:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Michal Zalewski\u203b lcamtuf@echelon.pl",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0694",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2003-0694",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-7519",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0694",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#784980",
"trust": 0.8,
"value": "36.72"
},
{
"author": "CNNVD",
"id": "CNNVD-200310-019",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-7519",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2003-0694",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#784980"
},
{
"db": "VULHUB",
"id": "VHN-7519"
},
{
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. sendmail A buffer overflow vulnerability was discovered in the email address parsing process. This vulnerability CERT Advisory CA-2003-07, CA-2003-12 This is a new vulnerability that differs from the vulnerability reported in. As for the vulnerability, there is a possibility that a third party may obtain administrator authority from a remote location. This problem, sendmail Occurs by receiving a message with a maliciously configured email address. For this reason, LAN Is running on a host sendmail Even other MTA (Mail Transfer Agent) If you receive a malicious message relayed from, you may be affected by the vulnerability.Service operation interruption (denial-of-service, DoS) An attacker or a remote third party may gain administrative privileges. This issue is different than the vulnerability described in BID 7230. Sendmail is one of the most popular mail transfer agents (MTAs) on the Internet. The local exploitation method on Linux can use recipient.c and sendtolist() to overwrite the pointer with the data submitted by the user. When calling the free() function, the command may be redirected, and the attacker can construct a malicious email message and submit it to Sendmail for analysis. Execute arbitrary commands on the system with Sendmail process privileges. There may also be other exploit methods, and it is also possible to exploit this vulnerability remotely",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0694"
},
{
"db": "CERT/CC",
"id": "VU#784980"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"db": "BID",
"id": "8641"
},
{
"db": "VULHUB",
"id": "VHN-7519"
},
{
"db": "VULMON",
"id": "CVE-2003-0694"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#784980",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2003-0694",
"trust": 2.9
},
{
"db": "BID",
"id": "8641",
"trust": 1.3
},
{
"db": "XF",
"id": "13204",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019",
"trust": 0.7
},
{
"db": "CONECTIVA",
"id": "CLA-2003:742",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:284",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:283",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "CA-2003-25",
"trust": 0.6
},
{
"db": "VULNWATCH",
"id": "20030917 ZALEWSKI ADVISORY - SENDMAIL 8.12.9 PRESCAN BUG",
"trust": 0.6
},
{
"db": "SCO",
"id": "SCOSA-2004.11",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2003:092",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030917 GLSA: SENDMAIL (200309-13)",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030917 [SLACKWARE-SECURITY] SENDMAIL VULNERABILITIES FIXED (SSA:2003-260-02)",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030917 SENDMAIL 8.12.9 PRESCAN BUG (A NEW ONE) [CAN-2003-0694]",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030919 [OPENPKG-SA-2003.041] OPENPKG SECURITY ADVISORY (SENDMAIL)",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:603",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:2975",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:572",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20030917 SENDMAIL 8.12.9 PRESCAN BUG (A NEW ONE) [CAN-2003-0694]",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-384",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-7519",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2003-0694",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#784980"
},
{
"db": "VULHUB",
"id": "VHN-7519"
},
{
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"db": "BID",
"id": "8641"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"id": "VAR-200310-0072",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-7519"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T19:31:47.530000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ca-2003-25",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/cert/cert2003.html#ca-2003-25"
},
{
"title": "DSA-384-1",
"trust": 0.8,
"url": "http://www.debian.org/security/2003/dsa-384"
},
{
"title": "FreeBSD-SA-03:13.sendmail ",
"trust": 0.8,
"url": "http://security.freebsd.org/advisories/freebsd-sa-03:13.sendmail.asc"
},
{
"title": "HPSBUX00281",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01035741"
},
{
"title": "IY48657",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy48657"
},
{
"title": "IY48659",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy48659"
},
{
"title": "IY48658",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy48658"
},
{
"title": "MSS-OAR-E01-2003.1473.1",
"trust": 0.8,
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/mss-oar-e01-2003.1473.1"
},
{
"title": "sendmail (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/update/linux/list.php?errata_id=150"
},
{
"title": "NetBSD-SA2003-016",
"trust": 0.8,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2003-016.txt.asc"
},
{
"title": "018: SECURITY FIX: September 17, 2003",
"trust": 0.8,
"url": "http://www.openbsd.org/errata32.html#sendmail4"
},
{
"title": "005: SECURITY FIX: September 17, 2003",
"trust": 0.8,
"url": "http://www.openbsd.org/errata33.html#sendmail"
},
{
"title": "RHSA-2003:283",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2003-283.html"
},
{
"title": "RHSA-2003:284",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2003-284.html"
},
{
"title": "CSSA-2003-036.0",
"trust": 0.8,
"url": "ftp://ftp.sco.com/pub/security/openlinux/cssa-2003-036.0.txt"
},
{
"title": "CSSA-2003-SCO.23.1",
"trust": 0.8,
"url": "ftp://ftp.sco.com/pub/updates/unixware/cssa-2003-sco.23/cssa-2003-sco.23.txt"
},
{
"title": "8.12.10",
"trust": 0.8,
"url": "http://www.sendmail.org/8.12.10.html"
},
{
"title": "2003-9-17",
"trust": 0.8,
"url": "http://www.sendmail.com/security/"
},
{
"title": "20030903-01-P",
"trust": 0.8,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030903-01-p.asc"
},
{
"title": "56922",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56922-1"
},
{
"title": "56860",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56860-1"
},
{
"title": "56922",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56922-3"
},
{
"title": "56860",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56860-3"
},
{
"title": "XTR Sendmail Security Update 1.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raqxtr.eng\u0026amp;nav=patchpage"
},
{
"title": "550 Sendmail Security Update 0.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq550.eng\u0026amp;nav=patchpage"
},
{
"title": "4 Sendmail Security Update 2.0.2",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq4.eng\u0026amp;nav=patchpage"
},
{
"title": "TLSA-2003-52",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2003/tlsa-2003-52.txt"
},
{
"title": "Sendmail Inc. Information for VU#784980",
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/aamn-5rhq64"
},
{
"title": "M500-012",
"trust": 0.8,
"url": "ftp://ftp.foretune.co.jp/pub/bsdos/patches-5.0/m500-012.ia32"
},
{
"title": "M431-011",
"trust": 0.8,
"url": "ftp://ftp.foretune.co.jp/pub/bsdos/patches-4.3.1/i386/m431-011"
},
{
"title": "RHSA-2003:283",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-283j.html"
},
{
"title": "RHSA-2003:284",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-284j.html"
},
{
"title": "TLSA-2003-52",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2003/tlsa-2003-52j.txt"
},
{
"title": "Debian Security Advisories: DSA-384-1 sendmail -- buffer overflows",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=243b978e3f17d13dd590ac7cfc4a472f"
},
{
"title": "cumes",
"trust": 0.1,
"url": "https://github.com/byte-mug/cumes "
},
{
"title": "x0rzEQGRP",
"trust": 0.1,
"url": "https://github.com/happysmack/x0rzeqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/nekkidso/eqgrp "
},
{
"title": "test",
"trust": 0.1,
"url": "https://github.com/devkosov/test "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/hackcrypto/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/ninja-tw1st/eqgrp "
},
{
"title": "leaked2",
"trust": 0.1,
"url": "https://github.com/kongjiexi/leaked2 "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/391861737/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/muhammd/eqgrp "
},
{
"title": "ShadowBrokersFiles",
"trust": 0.1,
"url": "https://github.com/r3k1ng/shadowbrokersfiles "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/ckmaenn/eqgrp "
},
{
"title": "EQGRP_Linux",
"trust": 0.1,
"url": "https://github.com/cybernetix-s3c/eqgrp_linux "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/iha114/eqgrp "
},
{
"title": "ShadowBrokersFiles",
"trust": 0.1,
"url": "https://github.com/antiscammerarmy/shadowbrokersfiles "
},
{
"title": "shadowbrokerstuff",
"trust": 0.1,
"url": "https://github.com/thetrentusdev/shadowbrokerstuff "
},
{
"title": "bdhglopoj",
"trust": 0.1,
"url": "https://github.com/maxcvnd/bdhglopoj "
},
{
"title": "shadowbrokerstuff",
"trust": 0.1,
"url": "https://github.com/shakenetwork/shadowbrokerstuff "
},
{
"title": "x0rz-EQGRP",
"trust": 0.1,
"url": "https://github.com/r3p3r/x0rz-eqgrp "
},
{
"title": "ShadowBrokersStuff",
"trust": 0.1,
"url": "https://github.com/thetrentus/shadowbrokersstuff "
},
{
"title": "EQ1",
"trust": 0.1,
"url": "https://github.com/thepevertedspartan/eq1 "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/badbug6/eqgrp "
},
{
"title": "EQGRP-nasa",
"trust": 0.1,
"url": "https://github.com/soldie/eqgrp-nasa "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/mofty/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/thetrentus/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/namangangwar/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/x0rz/eqgrp "
},
{
"title": "SB--.-HACK-the-EQGRP-1",
"trust": 0.1,
"url": "https://github.com/cipherreborn/sb--.-hack-the-eqgrp-1 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.cert.org/advisories/ca-2003-25.html"
},
{
"trust": 2.7,
"url": "http://www.kb.cert.org/vuls/id/784980"
},
{
"trust": 2.6,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/4119.html"
},
{
"trust": 2.6,
"url": "http://www.sendmail.org/8.12.10.html"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2003/dsa-384"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2003:092"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2003-283.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2003-284.html"
},
{
"trust": 1.8,
"url": "ftp://ftp.sco.com/pub/updates/openserver/scosa-2004.11/scosa-2004.11.txt"
},
{
"trust": 1.8,
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0113.html"
},
{
"trust": 1.7,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000742"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a2975"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a572"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a603"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=106383437615742\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=106382859407683\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=106381604923204\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=106398718909274\u0026w=2"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/bid/8641"
},
{
"trust": 0.8,
"url": "http://archives.neohapsis.com/archives/sendmail/2003-q3/0002.html"
},
{
"trust": 0.8,
"url": "http://www.sendmail.org/patches/parse8.359.2.8"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/n-149.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0694"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/13204"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr033901.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr034001.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-25"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trca-2003-25"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0694"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20030918_190150.html"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106398718909274\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106383437615742\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106382859407683\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106381604923204\u0026w=2"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:603"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:572"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:2975"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/servers/aix/"
},
{
"trust": 0.3,
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000746"
},
{
"trust": 0.3,
"url": "http://www.sendmail.org/"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f56860"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f56922"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/qube3.eng\u0026nav=patchpage"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq4.eng\u0026nav=patchpage"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raqxtr.eng\u0026nav=patchpage"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq550.eng\u0026nav=patchpage"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/patches/linux/security.html"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v4.0g/t64kit0020132-v40gb22-es-20031001.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1/t64v51ab-ix-553-sendmail-ssrt3631.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1/t64v51ab-ix-563-sendmail-ssrt3631.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1/t64v51ab-ix-586-sendmail-ssrt3631.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1/t64v51ab-ix-594-sendmail-ssrt3631.readme"
},
{
"trust": 0.3,
"url": "/archive/1/337839"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=106383437615742\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=106381604923204\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=106382859407683\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=106398718909274\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000742"
},
{
"trust": 0.1,
"url": ""
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/./dsa-384"
},
{
"trust": 0.1,
"url": "https://github.com/byte-mug/cumes"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#784980"
},
{
"db": "VULHUB",
"id": "VHN-7519"
},
{
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"db": "BID",
"id": "8641"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#784980"
},
{
"db": "VULHUB",
"id": "VHN-7519"
},
{
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"db": "BID",
"id": "8641"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-17T00:00:00",
"db": "CERT/CC",
"id": "VU#784980"
},
{
"date": "2003-10-06T00:00:00",
"db": "VULHUB",
"id": "VHN-7519"
},
{
"date": "2003-10-06T00:00:00",
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"date": "2003-09-17T00:00:00",
"db": "BID",
"id": "8641"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"date": "2003-09-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"date": "2003-10-06T04:00:00",
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-29T00:00:00",
"db": "CERT/CC",
"id": "VU#784980"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-7519"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"date": "2009-07-11T23:56:00",
"db": "BID",
"id": "8641"
},
{
"date": "2007-08-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"date": "2006-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"date": "2018-10-30T16:26:22.763000",
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sendmail prescan() buffer overflow vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#784980"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "8641"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
}
],
"trust": 0.9
}
}
VAR-200412-0084
Vulnerability from variot - Updated: 2024-06-09 19:52Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool. mandrakesoft of mandrake multi network firewall Unspecified vulnerabilities exist in products from multiple vendors.None. These vulnerabilities were referenced in a SuSe advisory, however, further details are not currently available. This BID will be updated or retired as more information becomes available. It is reported that these issues present themselves in Linux kernel 2.6. The leak did not provide specifics. -----BEGIN PGP SIGNED MESSAGE-----
SUSE Security Announcement
Package: kernel
Announcement-ID: SUSE-SA:2004:020
Date: Tuesday, Jul 2nd 2004 18:00 MEST
Affected products: 8.0, 8.1, 8.2, 9.0, 9.1
SUSE Linux Database Server,
SUSE eMail Server III, 3.1
SUSE Linux Enterprise Server 7, 8
SUSE Linux Firewall on CD/Admin host
SUSE Linux Connectivity Server
SUSE Linux Office Server
Vulnerability Type: local privilege escalation
Severity (1-10): 6
SUSE default package: yes
Cross References: CAN-2004-0495
CAN-2004-0496
CAN-2004-0497
CAN-2004-0535
CAN-2004-0626
Content of this advisory:
1) security vulnerability resolved:
- chown: users can change the group affiliation of arbitrary
files to the group they belong to
- missing DAC check in chown(2): local privilege escalation
- overflow with signals: local denial-of-service
- pss, mpu401 sound driver: read/write to complete memory
- airo driver: read/write to complete memory
- ALSA: copy_from_user/copy_to_user confused
- acpi_asus: read from random memory
- decnet: write to memory without checking
- e1000 driver: read complete memory
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds:
- icecast
- sitecopy
- cadaver
- OpenOffice_org
- tripwire
- postgresql*
- mod_proxy
- freeswan
- ipsec-tools
- less
- libpng
- pavuk
- XFree86*
- kdebase3
3) standard appendix (further information)
1) problem description, brief discussion, solution, upgrade information
Multiple security vulnerabilities are being addressed with this security
update of the Linux kernel.
Kernel memory access vulnerabilities are fixed in the e1000, decnet,
acpi_asus, alsa, airo/WLAN, pss and mpu401 drivers.
Missing Discretionary Access Control (DAC) checks in the chown(2) system
call allow an attacker with a local account to change the group
ownership of arbitrary files, which leads to root privileges on affected
systems. An interesting variant of the missing
checks is that the ownership of files in the /proc filesystem can be
altered, while the changed ownership still does not allow the files to
be accessed as a non-root user for to be able to exploit the
vulnerability. Systems that are based on a version 2.4 kernel are not
vulnerable to the /proc weakness, and exploitation of the weakness
requires the use of the kernel NFS server (knfsd). If the knfsd NFS
server is not activated (it is off by default), the vulnerability is
not exposed.
The only network-related vulnerability fixed with the kernel updates
that are subject to this announcement affect the SUSE Linux 9.1
distribution only, as it is based on a 2.6 kernel. Found and reported
to bugtraq by Adam Osuchowski and Tomasz Dubinski, the vulnerability
allows a remote attacker to send a specially crafted TCP packet to a
vulnerable system, causing that system to stall if it makes use of
TCP option matching netfilter rules.
In some rare configurations of the SUSE Linux 9.1 distribution, some
users have experienced stalling systems during system startup.
SPECIAL INSTALL INSTRUCTIONS:
==============================
For the impatient: Run YOU (Yast2 Online Update, command
"yast2 online_update" as root) to install the updates (semi)
automatically, if you have a SUSE Linux 8.1 and newer system.
For those who wish to install their kernel updates manually and for
those who use a SUSE Linux 8.0 system:
The following paragraphs will guide you through the installation
process in a step-by-step fashion. The character sequence "****"
marks the beginning of a new paragraph. In some cases, the steps
outlined in a particular paragraph may or may not be applicable
to your situation.
Therefore, please make sure to read through all of the steps below
before attempting any of these procedures.
All of the commands that need to be executed are required to be
run as the superuser (root). Each step relies on the steps before
it to complete successfully.
**** Step 1: Determine the needed kernel type
Please use the following command to find the kernel type that is
installed on your system:
rpm -qf /boot/vmlinuz
Following are the possible kernel types (disregard the version and
build number following the name separated by the "-" character)
k_deflt # default kernel, good for most systems.
k_i386 # kernel for older processors and chipsets
k_athlon # kernel made specifically for AMD Athlon(tm) family processors
k_psmp # kernel for Pentium-I dual processor systems
k_smp # kernel for SMP systems (Pentium-II and above)
k_smp4G # kernel for SMP systems which supports a maximum of 4G of RAM
kernel-64k-pagesize
kernel-bigsmp
kernel-default
kernel-smp
**** Step 2: Download the package for your system
Please download the kernel RPM package for your distribution with the
name as indicated by Step 1. The list of all kernel rpm packages is
appended below. Note: The kernel-source package does not
contain a binary kernel in bootable form. Instead, it contains the
sources that the binary kernel rpm packages are created from. It can be
used by administrators who have decided to build their own kernel.
Since the kernel-source.rpm is an installable (compiled) package that
contains sources for the linux kernel, it is not the source RPM for
the kernel RPM binary packages.
The kernel RPM binary packages for the distributions can be found at the
locations below ftp://ftp.suse.com/pub/suse/i386/update/.
8.0/images/
8.1/rpm/i586
8.2/rpm/i586
9.0/rpm/i586
9.1/rpm/i586
After downloading the kernel RPM package for your system, you should
verify the authenticity of the kernel rpm package using the methods as
listed in section 3) of each SUSE Security Announcement.
**** Step 3: Installing your kernel rpm package
Install the rpm package that you have downloaded in Steps 3 or 4 with
the command
rpm -Uhv --nodeps --force <K_FILE.RPM>
where <K_FILE.RPM> is the name of the rpm package that you downloaded.
Warning: After performing this step, your system will likely not be
able to boot if the following steps have not been fully
followed.
If you run SUSE LINUX 8.1 and haven't applied the kernel update
(SUSE-SA:2003:034), AND you are using the freeswan package, you also
need to update the freeswan rpm as a dependency as offered
by YOU (YaST Online Update). The package can be downloaded from
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/
**** Step 4: configuring and creating the initrd
The initrd is a ramdisk that is loaded into the memory of your
system together with the kernel boot image by the bootloader. The
kernel uses the content of this ramdisk to execute commands that must
be run before the kernel can mount its actual root filesystem. It is
usually used to initialize SCSI drivers or NIC drivers for diskless
operation.
The variable INITRD_MODULES in /etc/sysconfig/kernel determines
which kernel modules will be loaded in the initrd before the kernel
has mounted its actual root filesystem. The variable should contain
your SCSI adapter (if any) or filesystem driver modules.
With the installation of the new kernel, the initrd has to be
re-packed with the update kernel modules. Please run the command
mk_initrd
as root to create a new init ramdisk (initrd) for your system.
On SuSE Linux 8.1 and later, this is done automatically when the
RPM is installed.
**** Step 5: bootloader
If you run a SUSE LINUX 8.x, SLES8, or SUSE LINUX 9.x system, there
are two options:
Depending on your software configuration, you have either the lilo
bootloader or the grub bootloader installed and initialized on your
system.
The grub bootloader does not require any further actions to be
performed after the new kernel images have been moved in place by the
rpm Update command.
If you have a lilo bootloader installed and initialized, then the lilo
program must be run as root. Use the command
grep LOADER_TYPE /etc/sysconfig/bootloader
to find out which boot loader is configured. If it is lilo, then you
must run the lilo command as root. If grub is listed, then your system
does not require any bootloader initialization.
Warning: An improperly installed bootloader may render your system
unbootable.
**** Step 6: reboot
If all of the steps above have been successfully completed on your
system, then the new kernel including the kernel modules and the
initrd should be ready to boot. The system needs to be rebooted for
the changes to become active. Please make sure that all steps have
completed, then reboot using the command
shutdown -r now
or
init 6
Your system should now shut down and reboot with the new kernel.
There is no workaround known.
Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command "rpm -Fhv file.rpm" to apply
the update.
Our maintenance customers are being notified individually. The packages
are being offered to install from the maintenance web.
x86 Platform:
SUSE Linux 9.1:
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-default-2.6.5-7.95.i586.rpm
800418d3dddf6d3b83925f562842205a
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-smp-2.6.5-7.95.i586.rpm
0cb990b159e10685bb29b76d312ddd25
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.5-7.95.i586.rpm
7446bb70f52bce57a914066be4ed8e45
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.5-7.95.i586.rpm
7446bb70f52bce57a914066be4ed8e45
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-source-2.6.5-7.95.i586.rpm
ede031495ee19d8b6eca1873e7155332
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-default-2.6.5-7.95.nosrc.rpm
620ef40226fec31a773397cf3051bf36
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-smp-2.6.5-7.95.nosrc.rpm
9b61b5a70b304f5554cb18a6bae5b5fd
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-bigsmp-2.6.5-7.95.nosrc.rpm
227c85280ee17a66c8590fe1bb14c596
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-source-2.6.5-7.95.src.rpm
895fee3033de0810ff1173ce8ee87936
SUSE Linux 9.0:
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_deflt-2.4.21-231.i586.rpm
48be395b96329909486ae3a5152348fa
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_athlon-2.4.21-231.i586.rpm
4cd322b4f511d5fe4c483ed28a82097e
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp-2.4.21-231.i586.rpm
262e33cebf1b0d35fb6d3235c9ab8815
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp4G-2.4.21-231.i586.rpm
8d81370f90736b12aa71b9c744f6e0e2
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_um-2.4.21-231.i586.rpm
bc59c838c84ba318dc4d24da08a3022e
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/kernel-source-2.4.21-231.i586.rpm
f9586ba982e0398c3e48871955b661aa
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_deflt-2.4.21-231.src.rpm
18673b0bf347fe9557d4e67ca02000c0
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_athlon-2.4.21-231.src.rpm
71496daac44196b0e0a3836ee6a3b4ed
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp-2.4.21-231.src.rpm
7c208e9e3f7be1a68c3c8457eb2cafc4
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp4G-2.4.21-231.src.rpm
b77863c863aaf4b931bff263220e6ec9
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_um-2.4.21-231.src.rpm
bed7e964e22c5e5d2f5e7a5e3816dde4
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/kernel-source-2.4.21-231.src.rpm
6b5137bf379fbfc861441151039575da
SUSE Linux 8.2:
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_deflt-2.4.20-115.i586.rpm
50d261b44616f9145a0dc16df501a504
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_athlon-2.4.20-115.i586.rpm
10095854c0bdae20991d90b822352e14
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_smp-2.4.20-115.i586.rpm
a2ef7cfb0e62ad955dda2b0574eb3150
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_psmp-2.4.20-115.i586.rpm
1d2b0d0e2c7998685ed04c24e593b196
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/kernel-source-2.4.20.SuSE-115.i586.rpm
d8bf98c46ba5313db286d5706f7fb3b8
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_deflt-2.4.20-115.src.rpm
e13a7b4c2b185cfeb991c31607f79ccb
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_athlon-2.4.20-115.src.rpm
0e2f2cf20e7d7a20f3e50b245105df61
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_smp-2.4.20-115.src.rpm
6cfac2914d3827ec562ff9d6be29c566
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_psmp-2.4.20-115.src.rpm
afd29843aa69d805ef5f25d39ecd0e7f
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/kernel-source-2.4.20.SuSE-115.src.rpm
098a1400a48404931acb8b3eb2e821fb
SUSE Linux 8.1:
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_deflt-2.4.21-231.i586.rpm
3bdaa593d09a7cbff632a2c4446d5603
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_athlon-2.4.21-231.i586.rpm
ba60d0b2b6d3bc9c38b4e8b3859e1586
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_smp-2.4.21-231.i586.rpm
ffa8983669004826a0cbedbe34dced76
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_psmp-2.4.21-231.i586.rpm
25174fd007f5a39ee0342dd6f18f2eaa
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/kernel-source-2.4.21-231.i586.rpm
10837fa561cd5104e55d48e46c837764
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_deflt-2.4.21-231.src.rpm
c37e8b87819602e77b14206affef00fa
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_athlon-2.4.21-231.src.rpm
7be68a677db5a65be1a46ec194b35497
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_smp-2.4.21-231.src.rpm
8e4b7d5a6bb81da5a00971cdcc4ec641
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_psmp-2.4.21-231.src.rpm
d8ba1db81a9b517f867c970e4fc443a7
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/kernel-source-2.4.21-231.src.rpm
96a0a9242d066083c7bff8e0f70b7bbe
SUSE Linux 8.0:
ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_deflt-2.4.18-303.i386.rpm
ec1e53b3812c0c0bd3681435d69fb134
ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_smp-2.4.18-303.i386.rpm
583164e52019ae090fd47e425c2a933e
ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_psmp-2.4.18-303.i386.rpm
9ac8983abef05697d75f3117e37e5f18
ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_i386-2.4.18-303.i386.rpm
4932c4d6a42fc9be02013f398ab5bb96
ftp://ftp.suse.com/pub/suse/i386/update/8.0/d3/kernel-source-2.4.18.SuSE-303.i386.rpm
b9de0731f9bbc4b016455a6d52cd8296
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_deflt-2.4.18-303.src.rpm
a73bacad80432c26e856c41338b154bd
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_smp-2.4.18-303.src.rpm
782902cd14e7776db66bd61a12beee03
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_psmp-2.4.18-303.src.rpm
d71fa5cda488ae18f8d023cd8f28bb73
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_i386-2.4.18-303.src.rpm
a360a9e6ed2db54f69e17db36f02614f
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/kernel-source-2.4.18.SuSE-303.nosrc.rpm
8017fd6ff8a6fc1a0660ab35ad174388
x86-64 Platform:
SUSE Linux 9.1:
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-default-2.6.5-7.95.x86_64.rpm
e2c53fd24991f739fd754c07f7aa8293
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-smp-2.6.5-7.95.x86_64.rpm
f4a69622b7628cdd662a4e39aa59b60e
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-source-2.6.5-7.95.x86_64.rpm
e71adfb1fc662600eb11d3acf67c3dc3
source rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-default-2.6.5-7.95.nosrc.rpm
f6a364879d1f2ae2cf854810d61be3ac
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-smp-2.6.5-7.95.nosrc.rpm
a0096d1fc067d89c9200ea3904713d59
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-source-2.6.5-7.95.src.rpm
bf6d0439cfc37b50b4f6822c3403a74f
SUSE Linux 9.0:
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_deflt-2.4.21-231.x86_64.rpm
17e008a737e5e95e71335e34fa7f86cf
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_smp-2.4.21-231.x86_64.rpm
ca742b550b1a503595b02cbfc9e0e481
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/kernel-source-2.4.21-231.x86_64.rpm
8e0c16c42d1a89aa6a09be1dd575de47
source rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_deflt-2.4.21-231.src.rpm
58b1bf42b5661119d06a04888144707a
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_smp-2.4.21-231.src.rpm
5103001136e39fca5a59f4cbde82822b
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/kernel-source-2.4.21-231.src.rpm
231c9e5e00f17df8cfd72d6c8a68d9cf
2) Pending vulnerabilities in SUSE Distributions and Workarounds:
- icecast
The icecast service is vulnerable to a remote denial-of-service
attack. Update packages will be available soon.
- sitecopy
The sitecopy package includes a vulnerable version of the
neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be
available soon.
- cadaver
The cadaver package includes a vulnerable version of the
neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be
available soon.
- OpenOffice_org
The OpenOffice_org package includes a vulnerable version
of the neon library (CAN-2004-0179, CAN-2004-0398). Update packages
will be available soon.
- tripwire
A format string bug in tripwire can be exploited locally
to gain root permissions.
New packages are available.
- postgresql
A buffer overflow in psqlODBC could be exploited to crash the
application using it. E.g. a PHP script that uses ODBC to access a
PostgreSQL database can be utilized to crash the surrounding Apache
web-server. Other parts of PostgreSQL are not affected.
New packages are available.
- XDM/XFree86
This update resolves random listening to ports by XDM
that allows to connect via the XDMCP. SUSE LINUX 9.1
is affected only.
New packages are available.
- mod_proxy
A buffer overflow can be triggered by malicious remote
servers that return a negative Content-Length value.
This vulnerability can be used to execute commands remotely
New packages are available.
- freeswan
A bug in the certificate chain authentication code could allow an
attacker to authenticate any host against a FreeS/WAN server by
presenting specially crafted certificates wrapped in a PKCS#7 file.
The packages are currently being tested and will be available soon.
- ipsec-tools
The racoon daemon which is responsible for handling IKE messages
fails to reject invalid or self-signed X.509 certificates which
allows for man-in-the-middle attacks on IPsec tunnels established
via racoon.
The packages are currently being tested and will be available soon.
- less
This update fixes a possible symlink attack in lessopen.sh. The
attack can be executed by local users to overwrite arbitrary files
with the privileges of the user running less.
New packages are available.
- libpng
This update adds a missing fix for CAN-2002-1363.
New packages are available.
- pavuk
This update fixes a remotely exploitable buffer overflow in pavuk.
Thanks to Ulf Harnhammar for reporting this to us.
New packages are available.
- kdebase3
This update fixes a possible attack on tmp files created at the
first login of a user using KDE or at the first time running a
KDE application. This bug can be exploited locally to overwrite
arbitrary files with the privilege of the victim user.
Just affects SUSE LINUX 9.1
New packages are available.
3) standard appendix: authenticity verification, additional information
-
Package authenticity verification:
SUSE update packages are available on many mirror ftp servers around the world. While this service is considered valuable and important to the free and open source software community, many users wish to be certain as to be the origin of the package and its content before installing the package. There are two independent verification methods that can be used to prove the authenticity of a downloaded file or rpm package: 1) md5sums as provided in the (cryptographically signed) announcement. 2) using the internal gpg signatures of the rpm package.
1) execute the command md5sum after you have downloaded the file from a SUSE ftp server or its mirrors. Then, compare the resulting md5sum with the one that is listed in the announcement. Since the announcement containing the checksums is cryptographically signed (usually using the key security@suse.de), the checksums offer proof of the authenticity of the package. We recommend against subscribing to security lists which cause the email message containing the announcement to be modified so that the signature does not match after transport through the mailing list software. Downsides: You must be able to verify the authenticity of the announcement in the first place. If RPM packages are being rebuilt and a new version of a package is published on the ftp server, all md5 sums for the files are useless.
2) rpm package signatures provide an easy way to verify the authenticity of an rpm package. Use the command rpm -v --checksig to verify the signature of the package, where is the filename of the rpm package that you have downloaded. Of course, package authenticity verification can only target an un-installed rpm package file. Prerequisites: a) gpg is installed b) The package is signed using a certain key. The public part of this key must be installed by the gpg program in the directory ~/.gnupg/ under the user's home directory who performs the signature verification (usually root). You can import the key that is used by SUSE in rpm packages for SUSE Linux by saving this announcement to a file ("announcement.txt") and running the command (do "su -" to be root): gpg --batch; gpg < announcement.txt | gpg --import SUSE Linux distributions version 7.1 and thereafter install the key "build@suse.de" upon installation or upgrade, provided that the package gpg is installed. The file containing the public key is placed at the top-level directory of the first CD (pubring.gpg) and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .
-
SUSE runs two security mailing lists to which any interested party may subscribe:
suse-security@suse.com - general/linux/SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an email to suse-security-subscribe@suse.com.
suse-security-announce@suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an email to suse-security-announce-subscribe@suse.com.
For general information or the frequently asked questions (faq) send mail to: suse-security-info@suse.com or suse-security-faq@suse.com respectively.
===================================================================== SUSE's security contact is security@suse.com or security@suse.de. The security@suse.de public key is listed below. =====================================================================
The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, it is desired that the clear-text signature must show proof of the authenticity of the text. SUSE Linux AG makes no warranties of any kind whatsoever with respect to the information contained in this security advisory.
Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team security@suse.de pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key build@suse.de
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff 4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3 0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot 1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/ HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM 523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q 2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8 QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ 1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1 wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol 0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -----END PGP PUBLIC KEY BLOCK-----
- - | Roman Drahtm\xfcller draht@suse.de // "You don't need eyes to see, | SUSE Linux AG - Security Phone: // you need vision!" | N\xfcrnberg, Germany +49-911-740530 // Maxi Jazz, Faithless |
- - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux)
iQEVAwUBQOWPL3ey5gA9JdPZAQFFzQf+Mo5WmO40BDHakn4qD5rAcfU6H/0rhMpy Bi8r+g6GoSp/m2Zy+1O0Qn3jVb/iirVlnHH3DND1r/GunM3c5CTaMYt2Bt7PTOdt OsjD41lbiFlHDmmmaodROQvcrz7T67YU0gCtSKJdDfs2ATiiUOcyUQZNfi/PiEqD jwmKpP5c1NXSXPSwZ2f430itJA5iUqqVBeB1WHn63kOnIKtHBJ9c6uw3rZ99t1OA iud3L+VQSycb8xQSlOsuiaYW1S236VsogKWRbqY76eo7E2AnVQlMpcZkyW91/vfT WntQlZJAaGFX1q/IyGy+PGFPUoJjNc7H6jy5ZqJqXR5Sb0KrHfadCQ== =24bz -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0084",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "kernel",
"scope": "eq",
"trust": 1.6,
"vendor": "linux",
"version": "2.6.0"
},
{
"model": "email server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "3.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "7"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "9.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "8"
},
{
"model": "email server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "3"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "9.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.9"
},
{
"model": "linux database server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "linux connectivity server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "mandrake linux corporate server",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.0"
},
{
"model": "mandrake multi network firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "8.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "9.0"
},
{
"model": "linux office server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "linux firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "linux firewall",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "gentoo linux",
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": "sun 9.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": "5.8"
},
{
"model": "email server",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux database server",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "mandrake linux corporate server",
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": "kernel",
"scope": null,
"trust": 0.8,
"vendor": "linux",
"version": null
},
{
"model": "mandrake linux",
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": "linux connectivity server",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "mandrake multi network firewall",
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": "5.9"
},
{
"model": "linux office server",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "sun solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": "9.0"
},
{
"model": "kernel rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.7"
},
{
"model": "kernel rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.2"
},
{
"model": "kernel -rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.1"
},
{
"model": "kernel -rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6"
}
],
"sources": [
{
"db": "BID",
"id": "10779"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000929"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-022"
},
{
"db": "NVD",
"id": "CVE-2004-0496"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_office_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_email_server:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_connectivity_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_database_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_firewall:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_email_server:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7:*:enterprise_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0496"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SuSE Security Advisory",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-022"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0496",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2004-0496",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-8926",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0496",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-022",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-8926",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8926"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000929"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-022"
},
{
"db": "NVD",
"id": "CVE-2004-0496"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool. mandrakesoft of mandrake multi network firewall Unspecified vulnerabilities exist in products from multiple vendors.None. \nThese vulnerabilities were referenced in a SuSe advisory, however, further details are not currently available. This BID will be updated or retired as more information becomes available. \nIt is reported that these issues present themselves in Linux kernel 2.6. The leak did not provide specifics. -----BEGIN PGP SIGNED MESSAGE-----\n\n______________________________________________________________________________\n\n SUSE Security Announcement\n\n Package: kernel\n Announcement-ID: SUSE-SA:2004:020\n Date: Tuesday, Jul 2nd 2004 18:00 MEST\n Affected products: 8.0, 8.1, 8.2, 9.0, 9.1\n SUSE Linux Database Server,\n SUSE eMail Server III, 3.1\n SUSE Linux Enterprise Server 7, 8\n SUSE Linux Firewall on CD/Admin host\n SUSE Linux Connectivity Server\n SUSE Linux Office Server\n Vulnerability Type: local privilege escalation\n Severity (1-10): 6\n SUSE default package: yes\n Cross References:\tCAN-2004-0495\n\t\t\t\tCAN-2004-0496\n\t\t\t\tCAN-2004-0497\n\t\t\t\tCAN-2004-0535\n\t\t\t\tCAN-2004-0626\n\n\n Content of this advisory:\n 1) security vulnerability resolved:\n\t\t- chown: users can change the group affiliation of arbitrary\n\t\t files to the group they belong to\n\t\t- missing DAC check in chown(2): local privilege escalation\n\t - overflow with signals: local denial-of-service\n \t- pss, mpu401 sound driver: read/write to complete memory\n\t - airo driver: read/write to complete memory\n \t- ALSA: copy_from_user/copy_to_user confused\n \t- acpi_asus: read from random memory\n \t- decnet: write to memory without checking\n \t- e1000 driver: read complete memory\n problem description, discussion, solution and upgrade information\n 2) pending vulnerabilities, solutions, workarounds:\n\t\t- icecast\n - sitecopy\n - cadaver\n - OpenOffice_org\n - tripwire\n - postgresql*\n - mod_proxy\n\t\t- freeswan\n\t\t- ipsec-tools\n\t\t- less\n\t\t- libpng\n\t\t- pavuk\n\t\t- XFree86*\n\t\t- kdebase3\n 3) standard appendix (further information)\n\n______________________________________________________________________________\n\n1) problem description, brief discussion, solution, upgrade information\n\n Multiple security vulnerabilities are being addressed with this security\n update of the Linux kernel. \n\n Kernel memory access vulnerabilities are fixed in the e1000, decnet, \n acpi_asus, alsa, airo/WLAN, pss and mpu401 drivers. \n\n Missing Discretionary Access Control (DAC) checks in the chown(2) system\n call allow an attacker with a local account to change the group\n ownership of arbitrary files, which leads to root privileges on affected\n systems. An interesting variant of the missing \n checks is that the ownership of files in the /proc filesystem can be \n altered, while the changed ownership still does not allow the files to \n be accessed as a non-root user for to be able to exploit the \n vulnerability. Systems that are based on a version 2.4 kernel are not \n vulnerable to the /proc weakness, and exploitation of the weakness \n requires the use of the kernel NFS server (knfsd). If the knfsd NFS \n server is not activated (it is off by default), the vulnerability is \n not exposed. \n\n The only network-related vulnerability fixed with the kernel updates\n that are subject to this announcement affect the SUSE Linux 9.1 \n distribution only, as it is based on a 2.6 kernel. Found and reported \n to bugtraq by Adam Osuchowski and Tomasz Dubinski, the vulnerability \n allows a remote attacker to send a specially crafted TCP packet to a \n vulnerable system, causing that system to stall if it makes use of \n TCP option matching netfilter rules. \n\n In some rare configurations of the SUSE Linux 9.1 distribution, some \n users have experienced stalling systems during system startup. \n\n\n\n SPECIAL INSTALL INSTRUCTIONS:\n ==============================\n For the impatient: Run YOU (Yast2 Online Update, command \n \"yast2 online_update\" as root) to install the updates (semi) \n automatically, if you have a SUSE Linux 8.1 and newer system. \n\n For those who wish to install their kernel updates manually and for \n those who use a SUSE Linux 8.0 system:\n\n The following paragraphs will guide you through the installation\n process in a step-by-step fashion. The character sequence \"****\"\n marks the beginning of a new paragraph. In some cases, the steps\n outlined in a particular paragraph may or may not be applicable\n to your situation. \n Therefore, please make sure to read through all of the steps below\n before attempting any of these procedures. \n All of the commands that need to be executed are required to be\n run as the superuser (root). Each step relies on the steps before\n it to complete successfully. \n\n\n **** Step 1: Determine the needed kernel type\n\n Please use the following command to find the kernel type that is\n installed on your system:\n\n rpm -qf /boot/vmlinuz\n\n Following are the possible kernel types (disregard the version and\n build number following the name separated by the \"-\" character)\n\n k_deflt # default kernel, good for most systems. \n k_i386 # kernel for older processors and chipsets\n k_athlon # kernel made specifically for AMD Athlon(tm) family processors\n k_psmp # kernel for Pentium-I dual processor systems\n k_smp # kernel for SMP systems (Pentium-II and above)\n k_smp4G # kernel for SMP systems which supports a maximum of 4G of RAM\n kernel-64k-pagesize\n kernel-bigsmp\n kernel-default\n kernel-smp\n\n **** Step 2: Download the package for your system\n\n Please download the kernel RPM package for your distribution with the\n name as indicated by Step 1. The list of all kernel rpm packages is\n appended below. Note: The kernel-source package does not\n contain a binary kernel in bootable form. Instead, it contains the\n sources that the binary kernel rpm packages are created from. It can be\n used by administrators who have decided to build their own kernel. \n Since the kernel-source.rpm is an installable (compiled) package that\n contains sources for the linux kernel, it is not the source RPM for\n the kernel RPM binary packages. \n\n The kernel RPM binary packages for the distributions can be found at the\n locations below ftp://ftp.suse.com/pub/suse/i386/update/. \n\n 8.0/images/\n 8.1/rpm/i586\n 8.2/rpm/i586\n 9.0/rpm/i586\n 9.1/rpm/i586\n\n After downloading the kernel RPM package for your system, you should\n verify the authenticity of the kernel rpm package using the methods as\n listed in section 3) of each SUSE Security Announcement. \n\n\n **** Step 3: Installing your kernel rpm package\n\n Install the rpm package that you have downloaded in Steps 3 or 4 with\n the command\n rpm -Uhv --nodeps --force \u003cK_FILE.RPM\u003e\n where \u003cK_FILE.RPM\u003e is the name of the rpm package that you downloaded. \n\n Warning: After performing this step, your system will likely not be\n able to boot if the following steps have not been fully\n followed. \n\n\n If you run SUSE LINUX 8.1 and haven\u0027t applied the kernel update\n (SUSE-SA:2003:034), AND you are using the freeswan package, you also\n need to update the freeswan rpm as a dependency as offered\n by YOU (YaST Online Update). The package can be downloaded from\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/\n\n **** Step 4: configuring and creating the initrd\n\n The initrd is a ramdisk that is loaded into the memory of your\n system together with the kernel boot image by the bootloader. The\n kernel uses the content of this ramdisk to execute commands that must\n be run before the kernel can mount its actual root filesystem. It is\n usually used to initialize SCSI drivers or NIC drivers for diskless\n operation. \n\n The variable INITRD_MODULES in /etc/sysconfig/kernel determines\n which kernel modules will be loaded in the initrd before the kernel\n has mounted its actual root filesystem. The variable should contain\n your SCSI adapter (if any) or filesystem driver modules. \n\n With the installation of the new kernel, the initrd has to be\n re-packed with the update kernel modules. Please run the command\n\n mk_initrd\n\n as root to create a new init ramdisk (initrd) for your system. \n On SuSE Linux 8.1 and later, this is done automatically when the\n RPM is installed. \n\n\n **** Step 5: bootloader\n\n If you run a SUSE LINUX 8.x, SLES8, or SUSE LINUX 9.x system, there\n are two options:\n Depending on your software configuration, you have either the lilo\n bootloader or the grub bootloader installed and initialized on your\n system. \n The grub bootloader does not require any further actions to be\n performed after the new kernel images have been moved in place by the\n rpm Update command. \n If you have a lilo bootloader installed and initialized, then the lilo\n program must be run as root. Use the command\n\n grep LOADER_TYPE /etc/sysconfig/bootloader\n\n to find out which boot loader is configured. If it is lilo, then you\n must run the lilo command as root. If grub is listed, then your system\n does not require any bootloader initialization. \n\n Warning: An improperly installed bootloader may render your system\n unbootable. \n\n **** Step 6: reboot\n\n If all of the steps above have been successfully completed on your\n system, then the new kernel including the kernel modules and the\n initrd should be ready to boot. The system needs to be rebooted for\n the changes to become active. Please make sure that all steps have\n completed, then reboot using the command\n shutdown -r now\n or\n init 6\n\n Your system should now shut down and reboot with the new kernel. \n\n\n There is no workaround known. \n\n\n Please download the update package for your distribution and verify its\n integrity by the methods listed in section 3) of this announcement. \n Then, install the package using the command \"rpm -Fhv file.rpm\" to apply\n the update. \n Our maintenance customers are being notified individually. The packages\n are being offered to install from the maintenance web. \n\n\n\n\n\n x86 Platform:\n\n SUSE Linux 9.1:\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-default-2.6.5-7.95.i586.rpm\n 800418d3dddf6d3b83925f562842205a\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-smp-2.6.5-7.95.i586.rpm\n 0cb990b159e10685bb29b76d312ddd25\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.5-7.95.i586.rpm\n 7446bb70f52bce57a914066be4ed8e45\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.5-7.95.i586.rpm\n 7446bb70f52bce57a914066be4ed8e45\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-source-2.6.5-7.95.i586.rpm\n ede031495ee19d8b6eca1873e7155332\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-default-2.6.5-7.95.nosrc.rpm\n 620ef40226fec31a773397cf3051bf36\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-smp-2.6.5-7.95.nosrc.rpm\n 9b61b5a70b304f5554cb18a6bae5b5fd\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-bigsmp-2.6.5-7.95.nosrc.rpm\n 227c85280ee17a66c8590fe1bb14c596\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-source-2.6.5-7.95.src.rpm\n 895fee3033de0810ff1173ce8ee87936\n\n SUSE Linux 9.0:\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_deflt-2.4.21-231.i586.rpm\n 48be395b96329909486ae3a5152348fa\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_athlon-2.4.21-231.i586.rpm\n 4cd322b4f511d5fe4c483ed28a82097e\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp-2.4.21-231.i586.rpm\n 262e33cebf1b0d35fb6d3235c9ab8815\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp4G-2.4.21-231.i586.rpm\n 8d81370f90736b12aa71b9c744f6e0e2\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_um-2.4.21-231.i586.rpm\n bc59c838c84ba318dc4d24da08a3022e\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/kernel-source-2.4.21-231.i586.rpm\n f9586ba982e0398c3e48871955b661aa\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_deflt-2.4.21-231.src.rpm\n 18673b0bf347fe9557d4e67ca02000c0\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_athlon-2.4.21-231.src.rpm\n 71496daac44196b0e0a3836ee6a3b4ed\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp-2.4.21-231.src.rpm\n 7c208e9e3f7be1a68c3c8457eb2cafc4\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp4G-2.4.21-231.src.rpm\n b77863c863aaf4b931bff263220e6ec9\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_um-2.4.21-231.src.rpm\n bed7e964e22c5e5d2f5e7a5e3816dde4\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/kernel-source-2.4.21-231.src.rpm\n 6b5137bf379fbfc861441151039575da\n\n SUSE Linux 8.2:\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_deflt-2.4.20-115.i586.rpm\n 50d261b44616f9145a0dc16df501a504\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_athlon-2.4.20-115.i586.rpm\n 10095854c0bdae20991d90b822352e14\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_smp-2.4.20-115.i586.rpm\n a2ef7cfb0e62ad955dda2b0574eb3150\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_psmp-2.4.20-115.i586.rpm\n 1d2b0d0e2c7998685ed04c24e593b196\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/kernel-source-2.4.20.SuSE-115.i586.rpm\n d8bf98c46ba5313db286d5706f7fb3b8\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_deflt-2.4.20-115.src.rpm\n e13a7b4c2b185cfeb991c31607f79ccb\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_athlon-2.4.20-115.src.rpm\n 0e2f2cf20e7d7a20f3e50b245105df61\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_smp-2.4.20-115.src.rpm\n 6cfac2914d3827ec562ff9d6be29c566\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_psmp-2.4.20-115.src.rpm\n afd29843aa69d805ef5f25d39ecd0e7f\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/kernel-source-2.4.20.SuSE-115.src.rpm\n 098a1400a48404931acb8b3eb2e821fb\n\n SUSE Linux 8.1:\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_deflt-2.4.21-231.i586.rpm\n 3bdaa593d09a7cbff632a2c4446d5603\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_athlon-2.4.21-231.i586.rpm\n ba60d0b2b6d3bc9c38b4e8b3859e1586\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_smp-2.4.21-231.i586.rpm\n ffa8983669004826a0cbedbe34dced76\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_psmp-2.4.21-231.i586.rpm\n 25174fd007f5a39ee0342dd6f18f2eaa\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/kernel-source-2.4.21-231.i586.rpm\n 10837fa561cd5104e55d48e46c837764\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_deflt-2.4.21-231.src.rpm\n c37e8b87819602e77b14206affef00fa\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_athlon-2.4.21-231.src.rpm\n 7be68a677db5a65be1a46ec194b35497\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_smp-2.4.21-231.src.rpm\n 8e4b7d5a6bb81da5a00971cdcc4ec641\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_psmp-2.4.21-231.src.rpm\n d8ba1db81a9b517f867c970e4fc443a7\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/kernel-source-2.4.21-231.src.rpm\n 96a0a9242d066083c7bff8e0f70b7bbe\n\n SUSE Linux 8.0:\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_deflt-2.4.18-303.i386.rpm\n ec1e53b3812c0c0bd3681435d69fb134\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_smp-2.4.18-303.i386.rpm\n 583164e52019ae090fd47e425c2a933e\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_psmp-2.4.18-303.i386.rpm\n 9ac8983abef05697d75f3117e37e5f18\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_i386-2.4.18-303.i386.rpm\n 4932c4d6a42fc9be02013f398ab5bb96\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/d3/kernel-source-2.4.18.SuSE-303.i386.rpm\n b9de0731f9bbc4b016455a6d52cd8296\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_deflt-2.4.18-303.src.rpm\n a73bacad80432c26e856c41338b154bd\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_smp-2.4.18-303.src.rpm\n 782902cd14e7776db66bd61a12beee03\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_psmp-2.4.18-303.src.rpm\n d71fa5cda488ae18f8d023cd8f28bb73\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_i386-2.4.18-303.src.rpm\n a360a9e6ed2db54f69e17db36f02614f\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/kernel-source-2.4.18.SuSE-303.nosrc.rpm\n 8017fd6ff8a6fc1a0660ab35ad174388\n\n\n\n x86-64 Platform:\n\n SUSE Linux 9.1:\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-default-2.6.5-7.95.x86_64.rpm\n e2c53fd24991f739fd754c07f7aa8293\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-smp-2.6.5-7.95.x86_64.rpm\n f4a69622b7628cdd662a4e39aa59b60e\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-source-2.6.5-7.95.x86_64.rpm\n e71adfb1fc662600eb11d3acf67c3dc3\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-default-2.6.5-7.95.nosrc.rpm\n f6a364879d1f2ae2cf854810d61be3ac\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-smp-2.6.5-7.95.nosrc.rpm\n a0096d1fc067d89c9200ea3904713d59\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-source-2.6.5-7.95.src.rpm\n bf6d0439cfc37b50b4f6822c3403a74f\n\n SUSE Linux 9.0:\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_deflt-2.4.21-231.x86_64.rpm\n 17e008a737e5e95e71335e34fa7f86cf\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_smp-2.4.21-231.x86_64.rpm\n ca742b550b1a503595b02cbfc9e0e481\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/kernel-source-2.4.21-231.x86_64.rpm\n 8e0c16c42d1a89aa6a09be1dd575de47\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_deflt-2.4.21-231.src.rpm\n 58b1bf42b5661119d06a04888144707a\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_smp-2.4.21-231.src.rpm\n 5103001136e39fca5a59f4cbde82822b\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/kernel-source-2.4.21-231.src.rpm\n 231c9e5e00f17df8cfd72d6c8a68d9cf\n\n\n______________________________________________________________________________\n\n2) Pending vulnerabilities in SUSE Distributions and Workarounds:\n\n - icecast\n The icecast service is vulnerable to a remote denial-of-service\n attack. Update packages will be available soon. \n\n - sitecopy\n The sitecopy package includes a vulnerable version of the\n neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be\n available soon. \n\n - cadaver\n The cadaver package includes a vulnerable version of the\n neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be\n available soon. \n\n - OpenOffice_org\n The OpenOffice_org package includes a vulnerable version\n of the neon library (CAN-2004-0179, CAN-2004-0398). Update packages\n will be available soon. \n\n - tripwire\n A format string bug in tripwire can be exploited locally\n to gain root permissions. \n New packages are available. \n\n - postgresql\n A buffer overflow in psqlODBC could be exploited to crash the\n application using it. E.g. a PHP script that uses ODBC to access a\n PostgreSQL database can be utilized to crash the surrounding Apache\n web-server. Other parts of PostgreSQL are not affected. \n New packages are available. \n\n - XDM/XFree86\n This update resolves random listening to ports by XDM\n that allows to connect via the XDMCP. SUSE LINUX 9.1\n is affected only. \n New packages are available. \n\n - mod_proxy\n A buffer overflow can be triggered by malicious remote\n servers that return a negative Content-Length value. \n This vulnerability can be used to execute commands remotely\n New packages are available. \n\n - freeswan\n A bug in the certificate chain authentication code could allow an\n attacker to authenticate any host against a FreeS/WAN server by\n presenting specially crafted certificates wrapped in a PKCS#7 file. \n The packages are currently being tested and will be available soon. \n\n - ipsec-tools\n The racoon daemon which is responsible for handling IKE messages\n fails to reject invalid or self-signed X.509 certificates which\n allows for man-in-the-middle attacks on IPsec tunnels established\n via racoon. \n The packages are currently being tested and will be available soon. \n\n - less\n This update fixes a possible symlink attack in lessopen.sh. The\n attack can be executed by local users to overwrite arbitrary files\n with the privileges of the user running less. \n New packages are available. \n\n - libpng\n This update adds a missing fix for CAN-2002-1363. \n New packages are available. \n\n - pavuk\n This update fixes a remotely exploitable buffer overflow in pavuk. \n Thanks to Ulf Harnhammar for reporting this to us. \n New packages are available. \n\n - kdebase3\n This update fixes a possible attack on tmp files created at the\n first login of a user using KDE or at the first time running a\n KDE application. This bug can be exploited locally to overwrite\n arbitrary files with the privilege of the victim user. \n Just affects SUSE LINUX 9.1\n New packages are available. \n\n______________________________________________________________________________\n\n3) standard appendix: authenticity verification, additional information\n\n - Package authenticity verification:\n\n SUSE update packages are available on many mirror ftp servers around\n the world. While this service is considered valuable and important\n to the free and open source software community, many users wish to be\n certain as to be the origin of the package and its content before\n installing the package. There are two independent verification methods\n that can be used to prove the authenticity of a downloaded file or\n rpm package:\n 1) md5sums as provided in the (cryptographically signed) announcement. \n 2) using the internal gpg signatures of the rpm package. \n\n 1) execute the command\n md5sum \u003cname-of-the-file.rpm\u003e\n after you have downloaded the file from a SUSE ftp server or its\n mirrors. Then, compare the resulting md5sum with the one that is\n listed in the announcement. Since the announcement containing the\n checksums is cryptographically signed (usually using the key\n security@suse.de), the checksums offer proof of the authenticity\n of the package. \n We recommend against subscribing to security lists which cause the\n email message containing the announcement to be modified so that\n the signature does not match after transport through the mailing\n list software. \n Downsides: You must be able to verify the authenticity of the\n announcement in the first place. If RPM packages are being rebuilt\n and a new version of a package is published on the ftp server, all\n md5 sums for the files are useless. \n\n 2) rpm package signatures provide an easy way to verify the authenticity\n of an rpm package. Use the command\n rpm -v --checksig \u003cfile.rpm\u003e\n to verify the signature of the package, where \u003cfile.rpm\u003e is the\n filename of the rpm package that you have downloaded. Of course,\n package authenticity verification can only target an un-installed rpm\n package file. \n Prerequisites:\n a) gpg is installed\n b) The package is signed using a certain key. The public part of this\n key must be installed by the gpg program in the directory\n ~/.gnupg/ under the user\u0027s home directory who performs the\n signature verification (usually root). You can import the key\n that is used by SUSE in rpm packages for SUSE Linux by saving\n this announcement to a file (\"announcement.txt\") and\n running the command (do \"su -\" to be root):\n gpg --batch; gpg \u003c announcement.txt | gpg --import\n SUSE Linux distributions version 7.1 and thereafter install the\n key \"build@suse.de\" upon installation or upgrade, provided that\n the package gpg is installed. The file containing the public key\n is placed at the top-level directory of the first CD (pubring.gpg)\n and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de . \n\n\n - SUSE runs two security mailing lists to which any interested party may\n subscribe:\n\n suse-security@suse.com\n - general/linux/SUSE security discussion. \n All SUSE security announcements are sent to this list. \n To subscribe, send an email to\n \u003csuse-security-subscribe@suse.com\u003e. \n\n suse-security-announce@suse.com\n - SUSE\u0027s announce-only mailing list. \n Only SUSE\u0027s security announcements are sent to this list. \n To subscribe, send an email to\n \u003csuse-security-announce-subscribe@suse.com\u003e. \n\n For general information or the frequently asked questions (faq)\n send mail to:\n \u003csuse-security-info@suse.com\u003e or\n \u003csuse-security-faq@suse.com\u003e respectively. \n\n =====================================================================\n SUSE\u0027s security contact is \u003csecurity@suse.com\u003e or \u003csecurity@suse.de\u003e. \n The \u003csecurity@suse.de\u003e public key is listed below. \n =====================================================================\n______________________________________________________________________________\n\n The information in this advisory may be distributed or reproduced,\n provided that the advisory is not modified in any way. In particular,\n it is desired that the clear-text signature must show proof of the\n authenticity of the text. \n SUSE Linux AG makes no warranties of any kind whatsoever with respect\n to the information contained in this security advisory. \n\nType Bits/KeyID Date User ID\npub 2048R/3D25D3D9 1999-03-06 SuSE Security Team \u003csecurity@suse.de\u003e\npub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key \u003cbuild@suse.de\u003e\n\n#####-----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: GnuPG v1.0.6 (GNU/Linux)\nComment: For info see http://www.gnupg.org\n\nmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff\n4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d\nM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO\nQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK\nXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE\nD3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd\nG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM\nCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE\nmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr\nYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD\nwmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d\nNfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe\nQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe\nLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t\nXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU\nD9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3\n0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot\n1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW\ncRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E\nExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f\nAJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E\nOe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/\nHZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h\nt5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT\ntGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM\n523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q\n2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8\nQnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw\nJxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ\n1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH\nORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1\nwwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY\nEQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol\n0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK\nCRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co\nSPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo\nomuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt\nA46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J\n/LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE\nGrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf\nebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT\nZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8\nRQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ\n8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb\nB6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X\n11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA\n8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj\nqY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p\nWH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL\nhn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG\nBafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+\nAvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi\nRZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0\nzinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM\n/3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7\nwhaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl\nD+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz\ndbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI\nRgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI\nDgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE=\n=LRKC\n- -----END PGP PUBLIC KEY BLOCK-----\n\n- -- \n - -\n| Roman Drahtm\\xfcller \u003cdraht@suse.de\u003e // \"You don\u0027t need eyes to see, |\n SUSE Linux AG - Security Phone: // you need vision!\"\n| N\\xfcrnberg, Germany +49-911-740530 // Maxi Jazz, Faithless |\n - -\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.0.7 (GNU/Linux)\n\niQEVAwUBQOWPL3ey5gA9JdPZAQFFzQf+Mo5WmO40BDHakn4qD5rAcfU6H/0rhMpy\nBi8r+g6GoSp/m2Zy+1O0Qn3jVb/iirVlnHH3DND1r/GunM3c5CTaMYt2Bt7PTOdt\nOsjD41lbiFlHDmmmaodROQvcrz7T67YU0gCtSKJdDfs2ATiiUOcyUQZNfi/PiEqD\njwmKpP5c1NXSXPSwZ2f430itJA5iUqqVBeB1WHn63kOnIKtHBJ9c6uw3rZ99t1OA\niud3L+VQSycb8xQSlOsuiaYW1S236VsogKWRbqY76eo7E2AnVQlMpcZkyW91/vfT\nWntQlZJAaGFX1q/IyGy+PGFPUoJjNc7H6jy5ZqJqXR5Sb0KrHfadCQ==\n=24bz\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0496"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000929"
},
{
"db": "BID",
"id": "10779"
},
{
"db": "VULHUB",
"id": "VHN-8926"
},
{
"db": "PACKETSTORM",
"id": "33705"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-0496",
"trust": 3.7
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000929",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200412-022",
"trust": 0.7
},
{
"db": "BID",
"id": "10779",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-8926",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "33705",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8926"
},
{
"db": "BID",
"id": "10779"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000929"
},
{
"db": "PACKETSTORM",
"id": "33705"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-022"
},
{
"db": "NVD",
"id": "CVE-2004-0496"
}
]
},
"id": "VAR-200412-0084",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-8926"
}
],
"trust": 0.01
},
"last_update_date": "2024-06-09T19:52:06.030000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Mandrake\u00a0Linux\u00a09.1 SUSESUSE",
"trust": 0.8,
"url": "https://www.gentoo.org/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000929"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "others (CWE-Other) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000929"
},
{
"db": "NVD",
"id": "CVE-2004-0496"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
},
{
"trust": 1.9,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16625"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0496"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0535"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0497"
},
{
"trust": 0.1,
"url": "http://www.gnupg.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0495"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8926"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000929"
},
{
"db": "PACKETSTORM",
"id": "33705"
},
{
"db": "NVD",
"id": "CVE-2004-0496"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-8926"
},
{
"db": "BID",
"id": "10779"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000929"
},
{
"db": "PACKETSTORM",
"id": "33705"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-022"
},
{
"db": "NVD",
"id": "CVE-2004-0496"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-8926"
},
{
"date": "2004-07-22T00:00:00",
"db": "BID",
"id": "10779"
},
{
"date": "2024-06-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000929"
},
{
"date": "2004-07-02T12:32:00",
"db": "PACKETSTORM",
"id": "33705"
},
{
"date": "2004-07-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-022"
},
{
"date": "2004-12-06T05:00:00",
"db": "NVD",
"id": "CVE-2004-0496"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-8926"
},
{
"date": "2009-07-12T06:16:00",
"db": "BID",
"id": "10779"
},
{
"date": "2024-06-07T08:58:00",
"db": "JVNDB",
"id": "JVNDB-2004-000929"
},
{
"date": "2005-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-022"
},
{
"date": "2018-10-30T16:26:23.107000",
"db": "NVD",
"id": "CVE-2004-0496"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "10779"
},
{
"db": "PACKETSTORM",
"id": "33705"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-022"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "mandrakesoft\u00a0 of \u00a0mandrake\u00a0multi\u00a0network\u00a0firewall\u00a0 Vulnerabilities in products from multiple vendors such as",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000929"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "10779"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-022"
}
],
"trust": 0.9
}
}
VAR-199912-0023
Vulnerability from variot - Updated: 2024-05-15 22:38lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times. SGI of IRIX Unspecified vulnerabilities exist in products from multiple vendors.None. SunOS is prone to a local security vulnerability. Attackers can exploit this issue to perform unauthorized actions. This may aid in further attacks. SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems have the lpr vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199912-0023",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "bsd",
"scope": "eq",
"trust": 1.3,
"vendor": "bsd",
"version": "4.3"
},
{
"model": "irix",
"scope": "lte",
"trust": 1.0,
"vendor": "sgi",
"version": "5.2"
},
{
"model": "a ux",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "sunos",
"scope": "lte",
"trust": 1.0,
"vendor": "sun",
"version": "4.1.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.9,
"vendor": "sgi",
"version": "5.2"
},
{
"model": "a/ux",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "solaris",
"scope": "lte",
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": "4.1.1 and earlier"
},
{
"model": "irix",
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": "bsd",
"scope": null,
"trust": 0.8,
"vendor": "bsd",
"version": null
},
{
"model": "sunos",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1.1"
}
],
"sources": [
{
"db": "BID",
"id": "88452"
},
{
"db": "JVNDB",
"id": "JVNDB-1999-000075"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-156"
},
{
"db": "NVD",
"id": "CVE-1999-1102"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:a_ux:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:bsd:bsd:4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.1.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1102"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "88452"
}
],
"trust": 0.3
},
"cve": "CVE-1999-1102",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-1999-1102",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-1083",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-1999-1102",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-199912-156",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-1083",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1083"
},
{
"db": "JVNDB",
"id": "JVNDB-1999-000075"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-156"
},
{
"db": "NVD",
"id": "CVE-1999-1102"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times. SGI of IRIX Unspecified vulnerabilities exist in products from multiple vendors.None. SunOS is prone to a local security vulnerability. \nAttackers can exploit this issue to perform unauthorized actions. This may aid in further attacks. SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems have the lpr vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1102"
},
{
"db": "JVNDB",
"id": "JVNDB-1999-000075"
},
{
"db": "BID",
"id": "88452"
},
{
"db": "VULHUB",
"id": "VHN-1083"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-1999-1102",
"trust": 3.6
},
{
"db": "JVNDB",
"id": "JVNDB-1999-000075",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-199912-156",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "19940307 8LGM ADVISORY RELEASES",
"trust": 0.6
},
{
"db": "CIAC",
"id": "E-25A",
"trust": 0.6
},
{
"db": "BID",
"id": "88452",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-1083",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1083"
},
{
"db": "BID",
"id": "88452"
},
{
"db": "JVNDB",
"id": "JVNDB-1999-000075"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-156"
},
{
"db": "NVD",
"id": "CVE-1999-1102"
}
]
},
"id": "VAR-199912-0023",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-1083"
}
],
"trust": 0.01
},
"last_update_date": "2024-05-15T22:38:32.874000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "top page",
"trust": 0.8,
"url": "https://www.apple.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-1999-000075"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "others (CWE-Other) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-1999-000075"
},
{
"db": "NVD",
"id": "CVE-1999-1102"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://ciac.llnl.gov/ciac/bulletins/e-25.shtml"
},
{
"trust": 2.8,
"url": "http://www.phreak.org/archives/security/8lgm/8lgm.lpr"
},
{
"trust": 2.0,
"url": "http://www.aenigma.net/resources/maillist/bugtraq/1994/0091.htm"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-1999-1102"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1083"
},
{
"db": "BID",
"id": "88452"
},
{
"db": "JVNDB",
"id": "JVNDB-1999-000075"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-156"
},
{
"db": "NVD",
"id": "CVE-1999-1102"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-1083"
},
{
"db": "BID",
"id": "88452"
},
{
"db": "JVNDB",
"id": "JVNDB-1999-000075"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-156"
},
{
"db": "NVD",
"id": "CVE-1999-1102"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "1999-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-1083"
},
{
"date": "1999-12-31T00:00:00",
"db": "BID",
"id": "88452"
},
{
"date": "2024-05-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-1999-000075"
},
{
"date": "1999-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199912-156"
},
{
"date": "1999-12-31T05:00:00",
"db": "NVD",
"id": "CVE-1999-1102"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-1083"
},
{
"date": "1999-12-31T00:00:00",
"db": "BID",
"id": "88452"
},
{
"date": "2024-05-13T09:03:00",
"db": "JVNDB",
"id": "JVNDB-1999-000075"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199912-156"
},
{
"date": "2008-09-05T20:18:43.633000",
"db": "NVD",
"id": "CVE-1999-1102"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "88452"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-156"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SGI\u00a0 of \u00a0IRIX\u00a0 Vulnerabilities in products from multiple vendors such as",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-1999-000075"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199912-156"
}
],
"trust": 0.6
}
}
VAR-200303-0122
Vulnerability from variot - Updated: 2024-03-01 20:03Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. sendmail A buffer overflow vulnerability was discovered in message processing. The vulnerability could allow a third party to gain administrative privileges remotely. This problem, sendmail is caused by receiving a message with maliciously constructed header information. For this reason, LAN is running on a host installed within sendmail Even other MTA (Mail Transfer Agent) You may be affected by the vulnerability if you receive a malicious message relayed from .A third party may be able to remotely obtain administrator privileges. Sendmail is prone to a remotely buffer-overflow vulnerability in the SMTP header parsing component. Successful attackers may exploit this vulnerability to gain control of affected servers. Reportedly, this vulnerability may be locally exploitable if the sendmail binary is setuid/setgid. Sendmail 5.2 to 8.12.7 are affected. Administrators are advised to upgrade to 8.12.8 or to apply patches to earlier versions of the 8.12.x tree. Most organizations have various mail transfer agents (MTAs) at various locations within their network, at least one of which is directly connected to the Internet. According to statistics, Internet mail traffic handled by Sendmail accounts for 50\% to 75\% of the total. Many UNIX and Linux workstations run Sendmail by default. When an email header contains an address or address list (eg \"From\", \"To\", \"CC\"), Sendmail will attempt to check whether the provided address or address list is valid. Sendmail does this using the crackaddr() function, which is located in the headers.c file in the Sendmail source tree. Sendmail will check this buffer and stop adding data to it if it is found to be full. Sendmail goes through several safety checks to ensure that characters are interpreted correctly. On most Unix or Linux systems, Sendmail runs as the root user. Because the attack code can be included in what appears to be a normal email message, it can easily penetrate many common packet filtering devices or firewalls without being detected. Successful exploitation of an unpatched sendmail system leaves no messages in the syslog. However, on patched systems, attempts to exploit this vulnerability leave the following log message: Dropped invalid comments from header address This vulnerability affects both the commercial and open source versions of Sendmail, and is also reported to have been tested in the lab environment has been successfully exploited
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200303-0122",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.6"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "9"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.6"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.7"
},
{
"model": "sendmail",
"scope": "gte",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10.0"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": null
},
{
"model": "sendmail",
"scope": "lt",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "sendmail",
"scope": "gte",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "bsdos",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": "5.0"
},
{
"model": "sendmail",
"scope": "lt",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "bsdos",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": "4.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.8"
},
{
"model": "alphaserver sc",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "bsdos",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": "4.3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.0.4"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "7.0"
},
{
"model": "platform sa",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": "1.0"
},
{
"model": "sendmail",
"scope": "lt",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "alphaserver sc",
"scope": null,
"trust": 0.9,
"vendor": "hp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bsd os",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sendmail",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the sco group sco linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the sco group sco unixware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the sendmail consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xerox",
"version": null
},
{
"model": "bsd/os",
"scope": null,
"trust": 0.8,
"vendor": "\u30d5\u30a9\u30a2 \u30c1\u30e5\u30fc\u30f3",
"version": null
},
{
"model": "ux4800\u30b7\u30ea\u30fc\u30ba",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u672c\u96fb\u6c17",
"version": null
},
{
"model": "sendmail",
"scope": null,
"trust": 0.8,
"vendor": "sendmail consortium",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "sun cobalt qube3",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "systemwalker perfmgr",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "teamware office",
"scope": "eq",
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "sun cobalt raq3",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "sendmail switch",
"scope": null,
"trust": 0.8,
"vendor": "\u30bb\u30f3\u30c9\u30e1\u30fc\u30eb\u793e",
"version": null
},
{
"model": "up-ux",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u672c\u96fb\u6c17",
"version": null
},
{
"model": "sun cobalt raq4",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "interstage collaborationring pm",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "irix",
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": "netbsd",
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": "sun linux 5.0",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "turbolinux workstation",
"scope": null,
"trust": 0.8,
"vendor": "\u30bf\u30fc\u30dc\u30ea\u30ca\u30c3\u30af\u30b9",
"version": null
},
{
"model": "unixware",
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": "interstage collaborationring tpm",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "sendmail pro",
"scope": null,
"trust": 0.8,
"vendor": "\u30bb\u30f3\u30c9\u30e1\u30fc\u30eb\u793e",
"version": null
},
{
"model": "sendmail for nt",
"scope": null,
"trust": 0.8,
"vendor": "\u30bb\u30f3\u30c9\u30e1\u30fc\u30eb\u793e",
"version": null
},
{
"model": "turbolinux advanced server",
"scope": null,
"trust": 0.8,
"vendor": "\u30bf\u30fc\u30dc\u30ea\u30ca\u30c3\u30af\u30b9",
"version": null
},
{
"model": "systemwalker it budgetmgr",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "apple mac os x",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "aix",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "hi-ux/we2",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u7acb",
"version": null
},
{
"model": "open unix",
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": "trendmicro interscan viruswall",
"scope": null,
"trust": 0.8,
"vendor": "\u30c8\u30ec\u30f3\u30c9\u30de\u30a4\u30af\u30ed",
"version": null
},
{
"model": "sun cobalt raq550",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "internet navigware server",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "openlinux",
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": "hp-ux",
"scope": null,
"trust": 0.8,
"vendor": "\u30d2\u30e5\u30fc\u30ec\u30c3\u30c8 \u30d1\u30c3\u30ab\u30fc\u30c9",
"version": null
},
{
"model": "interstage office square",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "red hat enterprise linux",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "sun solaris",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "red hat linux advanced workstation",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "turbolinux server",
"scope": null,
"trust": 0.8,
"vendor": "\u30bf\u30fc\u30dc\u30ea\u30ca\u30c3\u30af\u30b9",
"version": null
},
{
"model": "sun cobalt raqxtr",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "red hat linux",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "ews-ux",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u672c\u96fb\u6c17",
"version": null
},
{
"model": "freebsd",
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "11.04"
},
{
"model": "river systems platform sa",
"scope": "eq",
"trust": 0.3,
"vendor": "wind",
"version": "1.0"
},
{
"model": "river systems bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "wind",
"version": "5.0"
},
{
"model": "river systems bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "wind",
"version": "4.3.1"
},
{
"model": "river systems bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "wind",
"version": "4.2"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "solaris 2.6 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.6"
},
{
"model": "lx50",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cobalt raq xtr",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "550"
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4"
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3"
},
{
"model": "cobalt qube",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3"
},
{
"model": "cobalt manageraq3 3000r-mr",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cobalt cacheraq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.18"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.17"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.16"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.15"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.14"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.13"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.12"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.11"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.10"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.9"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.8"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.7"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.6"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5"
},
{
"model": "freeware",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "1.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "inc sendmail advanced message server",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "1.3"
},
{
"model": "inc sendmail advanced message server",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "1.2"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "consortium sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "consortium sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "consortium sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "consortium sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "consortium sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.7"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.5"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.4"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.1"
},
{
"model": "consortium sendmail beta7",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta16",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta12",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta10",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.5"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.4"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.8.8"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "5.65"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "5.61"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "5.59"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.3"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.1"
},
{
"model": "open unix",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "8.0"
},
{
"model": "z/os v1r4",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "z/os v1r2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "os/390 v2r8",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "os/390 v2r10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "mvs",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.5"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "hp-ux b.11.22",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "linux rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "inc sendmail switch",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "inc sendmail switch",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "inc sendmail switch",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "inc sendmail for nt",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "inc sendmail for nt",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "consortium sendmail switch",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "consortium sendmail switch",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "consortium sendmail switch",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "consortium sendmail for nt",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "consortium sendmail for nt",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "consortium sendmail",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "gnu/*/linux",
"scope": "ne",
"trust": 0.3,
"vendor": "openwall",
"version": "1.0"
},
{
"model": "networks junos",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "networks junos",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#398025"
},
{
"db": "BID",
"id": "6991"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.11.6",
"versionStartIncluding": "8.10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.9.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.12.8",
"versionStartIncluding": "8.12.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:bsdos:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:bsdos:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:alphaserver_sc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:platform_sa:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:bsdos:4.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ISS X-Force\u203b xforce@iss.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
}
],
"trust": 0.6
},
"cve": "CVE-2002-1337",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2002-1337",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-5722",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-1337",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#398025",
"trust": 0.8,
"value": "66.00"
},
{
"author": "CNNVD",
"id": "CNNVD-200303-038",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-5722",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#398025"
},
{
"db": "VULHUB",
"id": "VHN-5722"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. sendmail A buffer overflow vulnerability was discovered in message processing. The vulnerability could allow a third party to gain administrative privileges remotely. This problem, sendmail is caused by receiving a message with maliciously constructed header information. For this reason, LAN is running on a host installed within sendmail Even other MTA (Mail Transfer Agent) You may be affected by the vulnerability if you receive a malicious message relayed from .A third party may be able to remotely obtain administrator privileges. Sendmail is prone to a remotely buffer-overflow vulnerability in the SMTP header parsing component. Successful attackers may exploit this vulnerability to gain control of affected servers. \nReportedly, this vulnerability may be locally exploitable if the sendmail binary is setuid/setgid. \nSendmail 5.2 to 8.12.7 are affected. Administrators are advised to upgrade to 8.12.8 or to apply patches to earlier versions of the 8.12.x tree. Most organizations have various mail transfer agents (MTAs) at various locations within their network, at least one of which is directly connected to the Internet. According to statistics, Internet mail traffic handled by Sendmail accounts for 50\\\\% to 75\\\\% of the total. Many UNIX and Linux workstations run Sendmail by default. When an email header contains an address or address list (eg \\\"From\\\", \\\"To\\\", \\\"CC\\\"), Sendmail will attempt to check whether the provided address or address list is valid. Sendmail does this using the crackaddr() function, which is located in the headers.c file in the Sendmail source tree. Sendmail will check this buffer and stop adding data to it if it is found to be full. Sendmail goes through several safety checks to ensure that characters are interpreted correctly. On most Unix or Linux systems, Sendmail runs as the root user. Because the attack code can be included in what appears to be a normal email message, it can easily penetrate many common packet filtering devices or firewalls without being detected. Successful exploitation of an unpatched sendmail system leaves no messages in the syslog. However, on patched systems, attempts to exploit this vulnerability leave the following log message: Dropped invalid comments from header address This vulnerability affects both the commercial and open source versions of Sendmail, and is also reported to have been tested in the lab environment has been successfully exploited",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1337"
},
{
"db": "CERT/CC",
"id": "VU#398025"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "BID",
"id": "6991"
},
{
"db": "VULHUB",
"id": "VHN-5722"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-5722",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5722"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-1337",
"trust": 3.6
},
{
"db": "CERT/CC",
"id": "VU#398025",
"trust": 3.3
},
{
"db": "BID",
"id": "6991",
"trust": 2.8
},
{
"db": "XF",
"id": "10748",
"trust": 1.4
},
{
"db": "XF",
"id": "11653",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038",
"trust": 0.7
},
{
"db": "CALDERA",
"id": "CSSA-2003-SCO.5",
"trust": 0.6
},
{
"db": "CALDERA",
"id": "CSSA-2003-SCO.6",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:074",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:073",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:227",
"trust": 0.6
},
{
"db": "HP",
"id": "HPSBUX0302-246",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030303 FWD: APPLE-SA-2003-03-03 SENDMAIL",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030304 [LSD] TECHNICAL ANALYSIS OF THE REMOTE SENDMAIL VULNERABILITY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030304 GLSA: SENDMAIL (200303-4)",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030303 SENDMAIL 8.12.8 AVAILABLE",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "CA-2003-07",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:2222",
"trust": 0.6
},
{
"db": "AIXAPAR",
"id": "IY40500",
"trust": 0.6
},
{
"db": "AIXAPAR",
"id": "IY40502",
"trust": 0.6
},
{
"db": "AIXAPAR",
"id": "IY40501",
"trust": 0.6
},
{
"db": "CONECTIVA",
"id": "CLA-2003:571",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2003:028",
"trust": 0.6
},
{
"db": "SGI",
"id": "20030301-01-P",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-257",
"trust": 0.6
},
{
"db": "ISS",
"id": "20030303 REMOTE SENDMAIL HEADER PROCESSING VULNERABILITY",
"trust": 0.6
},
{
"db": "NETBSD",
"id": "NETBSD-SA2003-002",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-76118",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76119",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22314",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22313",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "411",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-5722",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#398025"
},
{
"db": "VULHUB",
"id": "VHN-5722"
},
{
"db": "BID",
"id": "6991"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"id": "VAR-200303-0122",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5722"
}
],
"trust": 0.41392874999999996
},
"last_update_date": "2024-03-01T20:03:34.039000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HS03-001 Fujitsu CERT\u00a0Advisory information",
"trust": 0.8,
"url": "http://www.debian.org/security/2003/dsa-257"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.iss.net/issen/delivery/xforce/alertdetail.jsp?oid=21950"
},
{
"trust": 2.8,
"url": "http://www.sendmail.org/8.12.8.html"
},
{
"trust": 2.8,
"url": "http://www.cert.org/advisories/ca-2003-07.html"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/6991"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/398025"
},
{
"trust": 1.7,
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=iy40500\u0026apar=only"
},
{
"trust": 1.7,
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=iy40501\u0026apar=only"
},
{
"trust": 1.7,
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=iy40502\u0026apar=only"
},
{
"trust": 1.7,
"url": "ftp://ftp.sco.com/pub/updates/unixware/cssa-2003-sco.5"
},
{
"trust": 1.7,
"url": "ftp://ftp.sco.com/pub/updates/openserver/cssa-2003-sco.6"
},
{
"trust": 1.7,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000571"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2003/dsa-257"
},
{
"trust": 1.7,
"url": "http://frontal2.mandriva.com/security/advisories?name=mdksa-2003:028"
},
{
"trust": 1.7,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2003-002.txt.asc"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2003-073.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2003-074.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2003-227.html"
},
{
"trust": 1.7,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030301-01-p"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/10748.php"
},
{
"trust": 1.1,
"url": "http://www.sendmail.org"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104678862109841\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104673778105192\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104678862409849\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104678739608479\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104679411316818\u0026w=2"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a2222"
},
{
"trust": 0.8,
"url": "http://www.sendmail.com/security/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.org/archive/1/313757/2003-03-01/2003-03-07/0"
},
{
"trust": 0.8,
"url": "http://www.nipc.gov/warnings/advisories/2003/03-004.htm"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-07"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-1337"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2003/at030002.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr031001.txt"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20030314_190827.html"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20030305_170302.html"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/20030303sendmail.html"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/n-048.shtml"
},
{
"trust": 0.8,
"url": "http://www.isskk.co.jp/support/techinfo/general/sendmailheader_xforce.html"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/10748"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/11653"
},
{
"trust": 0.6,
"url": "http://ftp.support.compaq.com/patches/public/readmes/unix/t64v51ab21-c0103500-17099-es-20030226.readme"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104679411316818\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104678862409849\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104678862109841\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104678739608479\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104673778105192\u0026w=2"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:2222"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/mss-oar-e01-2003.0794.1"
},
{
"trust": 0.3,
"url": "http://www.slackware.org/lists/archive/viewer.php?l=slackware-security\u0026y=2003\u0026m=slackware-security.286398"
},
{
"trust": 0.3,
"url": "http://www.sendmail.org/"
},
{
"trust": 0.3,
"url": "ftp://ftp1.support.compaq.com/public/unix/v4.0g/t64v40gb17-c0028100-16887-es-20030211.readme"
},
{
"trust": 0.3,
"url": "ftp://ftp1.support.compaq.com/public/unix/v4.0f/duv40fb18-c0092200-16888-es-20030211.readme"
},
{
"trust": 0.3,
"url": "http://ftp1.support.compaq.com/public/unix/v5.0a/t64v50ab17-c0031300-16884-es-20030211.readme"
},
{
"trust": 0.3,
"url": "ftp://ftp1.support.compaq.com/public/unix/v5.1/t64v51b19-c0169100-16882-es-20030211.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/readmes/unix/t64v51bb1-c0003900-16874-es-20030211.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/readmes/unix/t64v51b20-c0169800-16980-es-20030218.readme"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/51181"
},
{
"trust": 0.3,
"url": "http://www.sendmail.com"
},
{
"trust": 0.3,
"url": "/archive/1/313757"
},
{
"trust": 0.3,
"url": "/archive/1/313795"
},
{
"trust": 0.3,
"url": "/archive/1/313841"
},
{
"trust": 0.1,
"url": ""
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#398025"
},
{
"db": "VULHUB",
"id": "VHN-5722"
},
{
"db": "BID",
"id": "6991"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#398025"
},
{
"db": "VULHUB",
"id": "VHN-5722"
},
{
"db": "BID",
"id": "6991"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-03-03T00:00:00",
"db": "CERT/CC",
"id": "VU#398025"
},
{
"date": "2003-03-07T00:00:00",
"db": "VULHUB",
"id": "VHN-5722"
},
{
"date": "2003-03-02T00:00:00",
"db": "BID",
"id": "6991"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"date": "2003-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"date": "2003-03-07T05:00:00",
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-15T00:00:00",
"db": "CERT/CC",
"id": "VU#398025"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-5722"
},
{
"date": "2007-09-22T00:30:00",
"db": "BID",
"id": "6991"
},
{
"date": "2024-03-01T01:52:00",
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"date": "2006-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"date": "2024-02-09T03:19:11.660000",
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Remote Buffer Overflow in Sendmail",
"sources": [
{
"db": "CERT/CC",
"id": "VU#398025"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "6991"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
}
],
"trust": 0.9
}
}
VAR-200205-0137
Vulnerability from variot - Updated: 2023-12-18 14:02Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name. Sun's NFS/RPC cachefs daemon (cachefsd) is shipped and installed by default with Sun Solaris 2.5.1, 2.6, 7, and 8 (SPARC and Intel architectures). Cachefsd caches requests for operations on remote file systems mounted via the use of NFS protocol. Sun Solaris Included in the NFS/RPC Necessary to operate the file system cachefsd In cfsd_calloc function The function does not perform bounds checking properly, so abnormally long cache names and directory names are included. A remotely exploitable buffer overflow condition has been reported in cachefsd. The overflow occurs in the heap and is reportedly exploitable as valid malloc() chunk structures are overwritten. Successful attacks may result in remote attackers gaining root access on the affected system
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200205-0137",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "solaris",
"scope": "eq",
"trust": 1.9,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.9,
"vendor": "sun",
"version": "7.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.9,
"vendor": "sun",
"version": "2.6"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "8.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.5.1 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.5.1 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "solaris x86",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "solaris ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 2.6 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 2.6 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "voice services provisioning tool",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual switch controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "universal gateway manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "signaling controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2200"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "pgw2200 pstn gateway",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgc node manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "media gateway manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ip manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "ip manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ems for the cisco",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7200/7400"
},
{
"model": "ems for the catalyst cisco",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6500/7600"
},
{
"model": "element management framework",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "dsl manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cable manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "billing and management server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"model": "ids-4230-xx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ids-4220-e",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ids-4210",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bts",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10200"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#635811"
},
{
"db": "BID",
"id": "4674"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000106"
},
{
"db": "NVD",
"id": "CVE-2002-0033"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-079"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:8.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:7.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.5.1:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.6:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0033"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "LSD contact@lsd-pl.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200205-079"
}
],
"trust": 0.6
},
"cve": "CVE-2002-0033",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2002-0033",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-0033",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#635811",
"trust": 0.8,
"value": "52.92"
},
{
"author": "CNNVD",
"id": "CNNVD-200205-079",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#635811"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000106"
},
{
"db": "NVD",
"id": "CVE-2002-0033"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-079"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name. Sun\u0027s NFS/RPC cachefs daemon (cachefsd) is shipped and installed by default with Sun Solaris 2.5.1, 2.6, 7, and 8 (SPARC and Intel architectures). Cachefsd caches requests for operations on remote file systems mounted via the use of NFS protocol. Sun Solaris Included in the NFS/RPC Necessary to operate the file system cachefsd In cfsd_calloc function The function does not perform bounds checking properly, so abnormally long cache names and directory names are included. A remotely exploitable buffer overflow condition has been reported in cachefsd. The overflow occurs in the heap and is reportedly exploitable as valid malloc() chunk structures are overwritten. Successful attacks may result in remote attackers gaining root access on the affected system",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0033"
},
{
"db": "CERT/CC",
"id": "VU#635811"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000106"
},
{
"db": "BID",
"id": "4674"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#635811",
"trust": 3.2
},
{
"db": "BID",
"id": "4674",
"trust": 2.7
},
{
"db": "NVD",
"id": "CVE-2002-0033",
"trust": 2.4
},
{
"db": "XF",
"id": "8999",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000106",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "CA-2002-11",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020505 [LSD] SOLARIS CACHEFSD REMOTE BUFFER OVERFLOW VULNERABILITY",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:124",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:31",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200205-079",
"trust": 0.6
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#635811"
},
{
"db": "BID",
"id": "4674"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000106"
},
{
"db": "NVD",
"id": "CVE-2002-0033"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-079"
}
]
},
"id": "VAR-200205-0137",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.37272727
},
"last_update_date": "2023-12-18T14:02:54.368000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "56300",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56300-1"
},
{
"title": "44309",
"trust": 0.8,
"url": "http://jp.sunsolve.sun.com/search/document.do?assetkey=1-26-44309-1"
},
{
"title": "56300",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56300-3"
},
{
"title": "44309",
"trust": 0.8,
"url": "http://jp.sunsolve.sun.com/search/document.do?assetkey=1-26-44309-3"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000106"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0033"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f44309"
},
{
"trust": 2.4,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0026.html"
},
{
"trust": 2.4,
"url": "http://www.cert.org/advisories/ca-2002-11.html"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/4674"
},
{
"trust": 2.4,
"url": "http://www.kb.cert.org/vuls/id/635811"
},
{
"trust": 1.6,
"url": "http://www.iss.net/security_center/static/8999.php"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a124"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a31"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/m-078.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0033"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2002/wr021801.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2002-11"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0033"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/8999"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:31"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:124"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#635811"
},
{
"db": "BID",
"id": "4674"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000106"
},
{
"db": "NVD",
"id": "CVE-2002-0033"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-079"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#635811"
},
{
"db": "BID",
"id": "4674"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000106"
},
{
"db": "NVD",
"id": "CVE-2002-0033"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-079"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-05-06T00:00:00",
"db": "CERT/CC",
"id": "VU#635811"
},
{
"date": "2002-05-06T00:00:00",
"db": "BID",
"id": "4674"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000106"
},
{
"date": "2002-05-29T04:00:00",
"db": "NVD",
"id": "CVE-2002-0033"
},
{
"date": "2002-05-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200205-079"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-05-14T00:00:00",
"db": "CERT/CC",
"id": "VU#635811"
},
{
"date": "2002-05-06T00:00:00",
"db": "BID",
"id": "4674"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000106"
},
{
"date": "2018-10-30T16:25:26.310000",
"db": "NVD",
"id": "CVE-2002-0033"
},
{
"date": "2005-08-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200205-079"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200205-079"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sun Solaris cachefsd vulnerable to heap overflow in cfsd_calloc() function via long string of characters",
"sources": [
{
"db": "CERT/CC",
"id": "VU#635811"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "4674"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-079"
}
],
"trust": 0.9
}
}
VAR-200108-0064
Vulnerability from variot - Updated: 2023-12-18 13:21Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. The telnetd program is a server for the telnet remote virtual terminal protocol. There is a remotely exploitable buffer overflow in telnet daemons derived from BSD source code. This vulnerability can crash the server, or be leveraged to gain root access. The function responsible for processing the options prepares a response within a fixed sized buffer, without performing any bounds checking. This vulnerability is now being actively exploited. A worm is known to be circulating around the Internet. Exposure:
Remote root compromise through buffer handling flaws
Confirmed vulnerable:
Up-to-date Debian 3.0 woody (issue is Debian-specific) Debian netkit-telnet-ssl-0.17.24+0.1 package Debian netkit-telnet-ssl-0.17.17+0.1 package
Mitigating factors:
Telnet service must be running and accessible to the attacker. Nowadays, telnet service presence on newly deployed Linux hosts is relatively low. The service is still used for LAN access from other unix platforms, and to host various non-shell services (such as MUDs).
Problem description:
Netkit telnetd implementation shipped with Debian Linux appears to be lacking the AYT vulnerability patch. This patch was devised by Red Hat (?) and incorporated into Debian packages, but later dropped.
This exposes the platform to a remote root problem discovered by scut of TESO back in 2001 (CVE-2001-0554), as well as to other currently unpublished flaws associated with the old buffer handling code, and elliminated by the Red Hat's overhaul of buffer handling routines.
Based on a review of package changelogs, my best guess is that the patch was accidentally dropped by Christoph Martin in December 2001, but I have not researched the matter any further.
Vendor response:
I have contacted Debian security staff on August 29, and received a confirmation of the problem from Matt Zimmerman shortly thereafter.
Since this is not a new flaw, I did not plan to release my own advisory, hoping they will release a DSA bulletin and fix the problem. Three weeks have passed, however, and Debian did not indicate any clear intent to release the information any time soon. They did release nine other advisories in the meantime, some of which were of lesser importance.
As such, I believe it is a good idea to bring the problem to public attention, particularly since those running telnetd were and are, unbeknownst to them, vulnerable to existing exploits.
Workaround:
Disable telnet service if not needed; manually apply Red Hat netkit patches, or compile the daemon from Red Hat sources.
Note that netkit as such is no longer maintained by the author, and hence obtaining the most recent source tarball (0.17) is NOT sufficient. You may also examine other less popular telnetd implementations, but be advised that almost all are heavily based on the original code, and not always up-to-date with security fixes for that codebase.
PS. Express your outrage: http://eprovisia.coredump.cx
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200108-0064",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "catalyst csx",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "60005.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 2.1,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 2.1,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.9,
"vendor": "netbsd",
"version": "1.3.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.9,
"vendor": "netbsd",
"version": "1.3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.9,
"vendor": "netbsd",
"version": "1.2"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 1.5,
"vendor": "cisco",
"version": "30002.5.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.6"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.3,
"vendor": "sgi",
"version": "6.5"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "2.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "2.7"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "2.6"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "2.5"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "2.4"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "2.3"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "2.2"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "2.1"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "2.0"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 1.3,
"vendor": "netkit",
"version": "0.12"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 1.3,
"vendor": "netkit",
"version": "0.11"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 1.3,
"vendor": "netkit",
"version": "0.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.4.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.4.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.4.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.4"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.3.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.2.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.0"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.3.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.3.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.3.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.1.0"
},
{
"model": "kerberos 5",
"scope": "eq",
"trust": 1.0,
"vendor": "mit",
"version": "1.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.1.7.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.2.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "3.4"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "3.0"
},
{
"model": "kerberos 5",
"scope": "eq",
"trust": 1.0,
"vendor": "mit",
"version": "1.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "2.2"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 1.0,
"vendor": "mit",
"version": "1.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.2.3"
},
{
"model": "kerberos 5",
"scope": "eq",
"trust": 1.0,
"vendor": "mit",
"version": "1.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.2.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.0.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.8"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.2.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "3.1"
},
{
"model": "kerberos 5",
"scope": "eq",
"trust": 1.0,
"vendor": "mit",
"version": "1.2.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.5.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.2.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.7"
},
{
"model": "kerberos 5",
"scope": "eq",
"trust": 1.0,
"vendor": "mit",
"version": "1.1.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.1.6.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "3.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.1.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.0.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.2.8"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.1.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "3.2"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.3"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.2.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "7.0"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "60006.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "60005.5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "50006.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "40006.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "40005.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bsdi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "caldera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cray",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mit kerberos team",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "redhat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.5.1 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.5.1 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.01"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.24"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "30003.0.3"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "50005.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "40005.5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "40005.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "8.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.4"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.3"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.0"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.13"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.12"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.11"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.10"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.9"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.8"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.7"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.6"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.1"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.6"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.5"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.17"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.16"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.14"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.2"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.1"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.1.1"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.1"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.0"
},
{
"model": "secure os software for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.24"
},
{
"model": "hp-ux sis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.01"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.x"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.x"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.0"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60007.1"
},
{
"model": "catalyst pan",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.3"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2(0.111)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2(0.110)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.1(2.13)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.1(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.1(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.1(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.1(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(7)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(6)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.1(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(9)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(8)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(7)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(6)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(5)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(12)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(11)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(10)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40007.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40006.1(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(7)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(6)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(5)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.1(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(9)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(8)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(7)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(6)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(5)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(10)"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "4.2"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "4.1"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "4.0.1"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "openbsd",
"scope": "ne",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.9"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.6.1"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.6"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.5"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.4"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.3"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.2"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.1"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.4"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.2"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.1"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0.4"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8500"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60007.1(2)"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.3(4)"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(13)"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.3(4)"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(13)"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5"
},
{
"model": "catalyst 4908g-l3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 4840g",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4800"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4200"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40007.1(2)"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40006.3(4)"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(13)"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3900"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3550"
},
{
"model": "catalyst xl",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3500"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2950"
},
{
"model": "catalyst 2948g-l3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst xl",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2900"
},
{
"model": "catalyst lre xl",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2900"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2820"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2800"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#745371"
},
{
"db": "BID",
"id": "3064"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000115"
},
{
"db": "NVD",
"id": "CVE-2001-0554"
},
{
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netkit:linux_netkit:0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netkit:linux_netkit:0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mit:kerberos:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netkit:linux_netkit:0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.1:stable:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.1.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2:current:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.0:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.5:stable:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.5.1:release:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.5.1:stable:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.0:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.0:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0554"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TESO Security Advisory",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
],
"trust": 0.6
},
"cve": "CVE-2001-0554",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2001-0554",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2001-0554",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#745371",
"trust": 0.8,
"value": "74.81"
},
{
"author": "CNNVD",
"id": "CNNVD-200108-082",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2001-0554",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#745371"
},
{
"db": "VULMON",
"id": "CVE-2001-0554"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000115"
},
{
"db": "NVD",
"id": "CVE-2001-0554"
},
{
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. The telnetd program is a server for the telnet remote virtual terminal protocol. There is a remotely exploitable buffer overflow in telnet daemons derived from BSD source code. This vulnerability can crash the server, or be leveraged to gain root access. The function responsible for processing the options prepares a response within a fixed sized buffer, without performing any bounds checking. \nThis vulnerability is now being actively exploited. A worm is known to be circulating around the Internet. \nExposure:\n\n Remote root compromise through buffer handling flaws\n\nConfirmed vulnerable:\n\n Up-to-date Debian 3.0 woody (issue is Debian-specific)\n Debian netkit-telnet-ssl-0.17.24+0.1 package\n Debian netkit-telnet-ssl-0.17.17+0.1 package\n\nMitigating factors:\n\n Telnet service must be running and accessible to the attacker. \n Nowadays, telnet service presence on newly deployed Linux hosts is\n relatively low. The service is still used for LAN access from other unix\n platforms, and to host various non-shell services (such as MUDs). \n\nProblem description:\n\n Netkit telnetd implementation shipped with Debian Linux appears to be\n lacking the AYT vulnerability patch. This patch was devised by Red Hat\n (?) and incorporated into Debian packages, but later dropped. \n\n This exposes the platform to a remote root problem discovered by scut of\n TESO back in 2001 (CVE-2001-0554), as well as to other currently\n unpublished flaws associated with the old buffer handling code, and\n elliminated by the Red Hat\u0027s overhaul of buffer handling routines. \n\n Based on a review of package changelogs, my best guess is that the patch\n was accidentally dropped by Christoph Martin in December 2001, but I\n have not researched the matter any further. \n\nVendor response:\n\n I have contacted Debian security staff on August 29, and received a\n confirmation of the problem from Matt Zimmerman shortly thereafter. \n\n Since this is not a new flaw, I did not plan to release my own advisory,\n hoping they will release a DSA bulletin and fix the problem. Three weeks\n have passed, however, and Debian did not indicate any clear intent to\n release the information any time soon. They did release nine other\n advisories in the meantime, some of which were of lesser importance. \n\n As such, I believe it is a good idea to bring the problem to public\n attention, particularly since those running telnetd were and are,\n unbeknownst to them, vulnerable to existing exploits. \n\nWorkaround:\n\n Disable telnet service if not needed; manually apply Red Hat\n netkit patches, or compile the daemon from Red Hat sources. \n\n Note that netkit as such is no longer maintained by the author, and\n hence obtaining the most recent source tarball (0.17) is NOT\n sufficient. You may also examine other less popular telnetd\n implementations, but be advised that almost all are heavily based on the\n original code, and not always up-to-date with security fixes for that\n codebase. \n\n\nPS. Express your outrage: http://eprovisia.coredump.cx",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0554"
},
{
"db": "CERT/CC",
"id": "VU#745371"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000115"
},
{
"db": "BID",
"id": "3064"
},
{
"db": "VULMON",
"id": "CVE-2001-0554"
},
{
"db": "PACKETSTORM",
"id": "34414"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=21018",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2001-0554"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "3064",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2001-0554",
"trust": 2.6
},
{
"db": "OSVDB",
"id": "809",
"trust": 1.7
},
{
"db": "CERT/CC",
"id": "VU#745371",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000115",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200108-082",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "21018",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2001-0554",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "34414",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#745371"
},
{
"db": "VULMON",
"id": "CVE-2001-0554"
},
{
"db": "BID",
"id": "3064"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000115"
},
{
"db": "PACKETSTORM",
"id": "34414"
},
{
"db": "NVD",
"id": "CVE-2001-0554"
},
{
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
]
},
"id": "VAR-200108-0064",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3056849
},
"last_update_date": "2023-12-18T13:21:23.131000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ibm.com/jp/"
},
{
"title": "Debian Security Advisories: DSA-075-1 netkit-telnet-ssl -- remote exploit",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a05118c557d210031007d9bc57bfeb01"
},
{
"title": "Cisco: Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20020903-vpn3k-vulnerability"
},
{
"title": "Cisco: Cisco CatOS Telnet Buffer Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20020129-catos-telrcv"
},
{
"title": "git-and-crumpets",
"trust": 0.1,
"url": "https://github.com/siddicky/git-and-crumpets "
},
{
"title": "DC-4-Vulnhub-Walkthrough",
"trust": 0.1,
"url": "https://github.com/vshaliii/dc-4-vulnhub-walkthrough "
},
{
"title": "DC-2-Vulnhub-Walkthrough",
"trust": 0.1,
"url": "https://github.com/vshaliii/dc-2-vulnhub-walkthrough "
},
{
"title": "DC-1-Vulnhub-Walkthrough",
"trust": 0.1,
"url": "https://github.com/vshaliii/dc-1-vulnhub-walkthrough "
},
{
"title": "Basic-Pentesting-2",
"trust": 0.1,
"url": "https://github.com/vshaliii/basic-pentesting-2 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2001-0554"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000115"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0554"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.cert.org/advisories/ca-2001-21.html"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/3064"
},
{
"trust": 2.0,
"url": "http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml"
},
{
"trust": 1.9,
"url": "ftp://ftp.freebsd.org/pub/freebsd/cert/advisories/freebsd-sa-01:49.telnetd.asc"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/197804"
},
{
"trust": 1.7,
"url": "http://online.securityfocus.com/archive/1/199496"
},
{
"trust": 1.7,
"url": "http://online.securityfocus.com/archive/1/203000"
},
{
"trust": 1.7,
"url": "http://online.securityfocus.com/archive/1/199541"
},
{
"trust": 1.7,
"url": "http://www.ciac.org/ciac/bulletins/l-131.shtml"
},
{
"trust": 1.7,
"url": "http://www.calderasystems.com/support/security/advisories/cssa-2001-030.0.txt"
},
{
"trust": 1.7,
"url": "http://ftp.support.compaq.com/patches/.new/html/ssrt0745u.shtml"
},
{
"trust": 1.7,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000413"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2001/dsa-070"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2001/dsa-075"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/hp/2001-q4/0014.html"
},
{
"trust": 1.7,
"url": "http://online.securityfocus.com/advisories/3476"
},
{
"trust": 1.7,
"url": "http://www.linux-mandrake.com/en/security/2001/mdksa-2001-068.php3"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2001-099.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2001-100.html"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/809"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6875"
},
{
"trust": 1.1,
"url": "ftp://stage.caldera.com/pub/security/openserver/cssa-2001-sco.10/cssa-2001-sco.10.txt"
},
{
"trust": 1.1,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2001-012.txt.asc"
},
{
"trust": 1.1,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20010801-01-p"
},
{
"trust": 0.8,
"url": "http://www.team-teso.net/advisories/teso-advisory-011.tar.gz"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2001-0554"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2001-0554"
},
{
"trust": 0.3,
"url": "/archive/1/375743"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/./dsa-075"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/21018/"
},
{
"trust": 0.1,
"url": "https://www.kb.cert.org/vuls/id/745371"
},
{
"trust": 0.1,
"url": "http://eprovisia.coredump.cx."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2001-0554"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#745371"
},
{
"db": "VULMON",
"id": "CVE-2001-0554"
},
{
"db": "BID",
"id": "3064"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000115"
},
{
"db": "PACKETSTORM",
"id": "34414"
},
{
"db": "NVD",
"id": "CVE-2001-0554"
},
{
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#745371"
},
{
"db": "VULMON",
"id": "CVE-2001-0554"
},
{
"db": "BID",
"id": "3064"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000115"
},
{
"db": "PACKETSTORM",
"id": "34414"
},
{
"db": "NVD",
"id": "CVE-2001-0554"
},
{
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-07-24T00:00:00",
"db": "CERT/CC",
"id": "VU#745371"
},
{
"date": "2001-08-14T00:00:00",
"db": "VULMON",
"id": "CVE-2001-0554"
},
{
"date": "2001-07-18T00:00:00",
"db": "BID",
"id": "3064"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2001-000115"
},
{
"date": "2004-09-21T08:00:52",
"db": "PACKETSTORM",
"id": "34414"
},
{
"date": "2001-08-14T04:00:00",
"db": "NVD",
"id": "CVE-2001-0554"
},
{
"date": "2001-07-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-04-16T00:00:00",
"db": "CERT/CC",
"id": "VU#745371"
},
{
"date": "2020-01-21T00:00:00",
"db": "VULMON",
"id": "CVE-2001-0554"
},
{
"date": "2001-07-18T00:00:00",
"db": "BID",
"id": "3064"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2001-000115"
},
{
"date": "2022-01-21T14:48:42.473000",
"db": "NVD",
"id": "CVE-2001-0554"
},
{
"date": "2022-01-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "34414"
},
{
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vendor telnet daemons vulnerable to buffer overflow via crafted protocol options",
"sources": [
{
"db": "CERT/CC",
"id": "VU#745371"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
],
"trust": 0.6
}
}
VAR-199712-0008
Vulnerability from variot - Updated: 2023-12-18 13:16FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. This problem is a design issue with the common implementation of the FTP protocol. In essence, the vulnerability is as follows: when a user FTP's into a host to retrieve files, the connection is two way (i.e. when you log in and request a file, the server then opens a connection back to your host of origin to deliver your requested data). Most FTP servers support what is called 'active mode' which allows users to specify a number of parameters to the FTP daemon. One of these is the PORT command, which lets you specify where you would like the return data connection to be sent. Therefore, instead of opening a connection back to yourself to drop off your requested files or data, you can then open that connection back to another host. This is true with both retrieving and putting data. Attackers can exploit this in some instances to circumvent access control, export restrictions, etc. There is a vulnerability in the FTP server
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199712-0008",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sunos",
"scope": "eq",
"trust": 1.9,
"vendor": "sun",
"version": "4.1.4"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "4.1.3u1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "5.5"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "5.4"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "5.3"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "5.5.1"
},
{
"model": "unixware",
"scope": "eq",
"trust": 1.3,
"vendor": "sco",
"version": "2.1"
},
{
"model": "open desktop",
"scope": "eq",
"trust": 1.3,
"vendor": "sco",
"version": "3.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.0"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "2.0"
},
{
"model": "inet",
"scope": "eq",
"trust": 1.0,
"vendor": "gnu",
"version": "5.01"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "1.0"
},
{
"model": "openlinux",
"scope": "eq",
"trust": 1.0,
"vendor": "caldera",
"version": "1.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.1.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "1.2"
},
{
"model": "openserver",
"scope": "eq",
"trust": 1.0,
"vendor": "sco",
"version": "5.0.4"
},
{
"model": "inet",
"scope": "eq",
"trust": 1.0,
"vendor": "gnu",
"version": "6.02"
},
{
"model": "wu-ftpd",
"scope": "eq",
"trust": 1.0,
"vendor": "washington university",
"version": "2.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.1.7"
},
{
"model": "inet",
"scope": "eq",
"trust": 1.0,
"vendor": "gnu",
"version": "6.01"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "1.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "1.2.1"
},
{
"model": "reliant unix",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "university wu-ftpd academ[beta1-15]",
"scope": "eq",
"trust": 0.3,
"vendor": "washington",
"version": "2.4.2"
},
{
"model": "solaris x86",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "solaris 2.6 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.6"
},
{
"model": "solaris 2.5 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.0.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.0"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.1.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.0.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.0"
},
{
"model": "irix h",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "irix g",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "irix e",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "irix d",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "irix a",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.3.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.3.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.3.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.2"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0"
},
{
"model": "software serv-u",
"scope": "eq",
"trust": 0.3,
"vendor": "rhino",
"version": "4.1"
},
{
"model": "software serv-u",
"scope": "eq",
"trust": 0.3,
"vendor": "rhino",
"version": "4.0.0.4"
},
{
"model": "software serv-u",
"scope": "eq",
"trust": 0.3,
"vendor": "rhino",
"version": "3.1"
},
{
"model": "software serv-u",
"scope": "eq",
"trust": 0.3,
"vendor": "rhino",
"version": "3.0"
},
{
"model": "goat software mgftp",
"scope": "eq",
"trust": 0.3,
"vendor": "mad",
"version": "2.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.16"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.9"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.8"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.7"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.6"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.5"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.4"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.3"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.8"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.6"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.7.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.0.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "1.1.5.1"
},
{
"model": "unix d",
"scope": "eq",
"trust": 0.3,
"vendor": "digital",
"version": "4.0"
},
{
"model": "unix c",
"scope": "eq",
"trust": 0.3,
"vendor": "digital",
"version": "4.0"
},
{
"model": "unix b",
"scope": "eq",
"trust": 0.3,
"vendor": "digital",
"version": "4.0"
},
{
"model": "unix a",
"scope": "eq",
"trust": 0.3,
"vendor": "digital",
"version": "4.0"
},
{
"model": "unix",
"scope": "eq",
"trust": 0.3,
"vendor": "digital",
"version": "4.0"
},
{
"model": "unix g",
"scope": "eq",
"trust": 0.3,
"vendor": "digital",
"version": "3.2"
}
],
"sources": [
{
"db": "BID",
"id": "126"
},
{
"db": "NVD",
"id": "CVE-1999-0017"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:gnu:inet:5.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnu:inet:6.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:washington_university:wu-ftpd:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnu:inet:6.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sco:open_desktop:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:caldera:openlinux:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:4.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:reliant_unix:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.4:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:4.1.3u1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sco:openserver:5.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sco:unixware:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5.1:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0017"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This problem was initially posted to the Bugtraq mailing list by *Hobbit* (hobbit@avian.org) on July12/1995.",
"sources": [
{
"db": "BID",
"id": "126"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
],
"trust": 0.9
},
"cve": "CVE-1999-0017",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-17",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-1999-0017",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-199712-006",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-17",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-17"
},
{
"db": "NVD",
"id": "CVE-1999-0017"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. This problem is a design issue with the common implementation of the FTP protocol. In essence, the vulnerability is as follows: when a user FTP\u0027s into a host to retrieve files, the connection is two way (i.e. when you log in and request a file, the server then opens a connection back to your host of origin to deliver your requested data). Most FTP servers support what is called \u0027active mode\u0027 which allows users to specify a number of parameters to the FTP daemon. One of these is the PORT command, which lets you specify *where* you would like the return data connection to be sent. Therefore, instead of opening a connection back to yourself to drop off your requested files or data, you can then open that connection back to another host. This is true with both retrieving and putting data. \nAttackers can exploit this in some instances to circumvent access control, export restrictions, etc. There is a vulnerability in the FTP server",
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0017"
},
{
"db": "BID",
"id": "126"
},
{
"db": "VULHUB",
"id": "VHN-17"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-1999-0017",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-199712-006",
"trust": 0.7
},
{
"db": "BID",
"id": "126",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-17",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-17"
},
{
"db": "BID",
"id": "126"
},
{
"db": "NVD",
"id": "CVE-1999-0017"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
]
},
"id": "VAR-199712-0008",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-17"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:16:24.502000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0017"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/cve-1999-0017"
},
{
"trust": 0.3,
"url": "ftp://ftp.cert.org/pub/tech_tips/ftp_port_attacks"
},
{
"trust": 0.3,
"url": "ftp://ftp.avian.org/random/ftp-attack"
},
{
"trust": 0.3,
"url": "http://www.cert.org/advisories/ca-1997-27.html"
},
{
"trust": 0.1,
"url": ""
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-17"
},
{
"db": "BID",
"id": "126"
},
{
"db": "NVD",
"id": "CVE-1999-0017"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-17"
},
{
"db": "BID",
"id": "126"
},
{
"db": "NVD",
"id": "CVE-1999-0017"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "1997-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-17"
},
{
"date": "1995-07-12T00:00:00",
"db": "BID",
"id": "126"
},
{
"date": "1997-12-10T05:00:00",
"db": "NVD",
"id": "CVE-1999-0017"
},
{
"date": "1997-12-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-09T00:00:00",
"db": "VULHUB",
"id": "VHN-17"
},
{
"date": "2007-12-18T20:05:00",
"db": "BID",
"id": "126"
},
{
"date": "2022-08-17T07:15:08.243000",
"db": "NVD",
"id": "CVE-1999-0017"
},
{
"date": "2022-08-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "FTP Security hole",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
],
"trust": 0.6
}
}
VAR-200305-0049
Vulnerability from variot - Updated: 2023-12-18 12:13Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. Samba contains several buffer overflow vulnerabilitites. Samba contains several buffer overflow vulnerabilitites. An updated version has been released. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ Samba 2.2.8 Previously, when dealing with files with very long file names, smbd/trans2.c Inside StrnCpy() There is a problem with buffer overflow in functions. StrnCpy(fname,pname,namelen) Marked StrnCpy() In the function namelen using pstring Type (1024 Byte char Type array ) Variables fname Within pname Copy for that reason, pname In 1024 By giving a value larger than bytes, it is possible to cause a buffer overflow and overwrite the memory area. (CAN-2003-0201) In addition, there are other potential buffer overflow issues that stem from this issue. 3 Have been found by vendors (CAN-2003-0196) , A corrected version for all these issues Samba 2.2.8a Is published. At this time, this problem (CAN-2003-0196) Details of are unknown.Please refer to the “Overview” for the impact of this vulnerability. The problem occurs when copying user-supplied data into a static buffer. By passing excessive data to an affected Samba server, it may be possible for an anonymous user to corrupt sensitive locations in memory. Samba-TNG 0.3.1 and earlier are also affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200305-0049",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "montavista",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "samba team",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "sun microsystems",
"version": null
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.9,
"vendor": "compaq",
"version": "5.1"
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "samba tng",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sorceror linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "wirex",
"version": null
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "compaq",
"version": "5.1_pk5_bl19"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "compaq",
"version": "5.0f"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "compaq",
"version": "5.1_pk4_bl18"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "compaq",
"version": "5.0a"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "compaq",
"version": "5.0a_pk3_bl17"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "compaq",
"version": "5.0_pk4_bl18"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "compaq",
"version": "5.0_pk4_bl17"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "compaq",
"version": "5.1_pk6_bl20"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "compaq",
"version": "5.1_pk3_bl17"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.8"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.01"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.04"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.3"
},
{
"model": "samba-tng",
"scope": "eq",
"trust": 1.3,
"vendor": "samba tng",
"version": "0.3"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "samba-tng",
"scope": "eq",
"trust": 1.3,
"vendor": "samba tng",
"version": "0.3.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.6"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.6"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.20"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.2.4"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.0"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.7"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.5"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.2.8"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.9"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.4"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.10"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.2.0"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.2.6"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.2"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.2.7"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.2.5"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk3_bl3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.3"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f_pk6_bl17"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk2_bl2"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": null
},
{
"model": "cifs-9000 server",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "a.01.05"
},
{
"model": "cifs-9000 server",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "a.01.09.01"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0d_pk9_bl17"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.0,
"vendor": "samba",
"version": "2.2.0a"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f_pk7_bl18"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.00"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1b_pk1_bl1"
},
{
"model": "cifs-9000 server",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "a.01.07"
},
{
"model": "cifs-9000 server",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "a.01.06"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "9.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "8.0"
},
{
"model": "cifs-9000 server",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "a.01.09"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.5.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0d"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.7"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk1_bl1"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.0,
"vendor": "samba",
"version": "2.2.3a"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0g"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1b"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "cifs-9000 server",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "a.01.08"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.0,
"vendor": "samba",
"version": "2.2.7a"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.4"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.0,
"vendor": "samba",
"version": "2.2.1a"
},
{
"model": "cifs-9000 server",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "a.01.09.02"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a"
},
{
"model": "cifs-9000 server",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "a.01.08.01"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0b"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0g_pk3_bl17"
},
{
"model": "samba",
"scope": "lte",
"trust": 0.8,
"vendor": "samba",
"version": "2.2.8"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "1.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "cobalt raq4",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq550",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raqxtr",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.5"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "tru64 pk4",
"scope": "eq",
"trust": 0.6,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "tru64 pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 f pk6",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 f",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "a",
"scope": "eq",
"trust": 0.3,
"vendor": "samba",
"version": "2.2.1"
},
{
"model": "cifs/9000 server a.01.08.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "cifs/9000 server a.01.09.03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "solaris x86",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "tru64 b",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "alpha",
"scope": "ne",
"trust": 0.3,
"vendor": "samba",
"version": "3.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "tru64 g pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": ".0a",
"scope": "eq",
"trust": 0.3,
"vendor": "samba",
"version": "2.2"
},
{
"model": "tru64 d pk9",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "solaris 2.6 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cifs/9000 server a.01.09",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "cobalt raq 4100r",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "550"
},
{
"model": "cifs/9000 server a.01.09.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "tru64 d",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "tru64 g",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 a",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "a",
"scope": "ne",
"trust": 0.3,
"vendor": "samba",
"version": "2.2.8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "tru64 f pk7",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "samba",
"scope": "eq",
"trust": 0.3,
"vendor": "samba",
"version": "2.2.2"
},
{
"model": "tru64 pk6",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "cifs/9000 server a.01.08",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "cifs/9000 server a.01.07",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "cifs/9000 server a.01.09.04",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cobalt qube3 4000wg",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cifs/9000 server a.01.09.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "tru64 a pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "tru64 a pk1",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 b pk1",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "cifs/9000 server a.01.06",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "tru64 a pk2",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "a",
"scope": "eq",
"trust": 0.3,
"vendor": "samba",
"version": "2.2.7"
},
{
"model": "cifs/9000 server a.01.05",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.0"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2"
},
{
"model": "tru64 a",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 pk5",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 f",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 b",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "samba-tng",
"scope": "ne",
"trust": 0.3,
"vendor": "samba tng",
"version": "0.3.2"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "tru64 a pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "a",
"scope": "eq",
"trust": 0.3,
"vendor": "samba",
"version": "2.2.3"
},
{
"model": "cobalt raq4 3001r",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cobalt raq xtr 3500r",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#298233"
},
{
"db": "BID",
"id": "7294"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000113"
},
{
"db": "NVD",
"id": "CVE-2003-0201"
},
{
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.3a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.0a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.7a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba-tng:samba-tng:0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba-tng:samba-tng:0.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0d_pk9_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f_pk6_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0a_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0_pk4_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0_pk4_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk5_bl19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk6_bl20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk1_bl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f_pk7_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk2_bl2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk3_bl3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0g_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk4_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1b_pk1_bl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hp:cifs-9000_server:a.01.09:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:cifs-9000_server:a.01.09.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:cifs-9000_server:a.01.09.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:cifs-9000_server:a.01.05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:cifs-9000_server:a.01.06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:cifs-9000_server:a.01.07:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:cifs-9000_server:a.01.08:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:cifs-9000_server:a.01.08.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0201"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Erik Parker\u203b erik.parker@digitaldefense.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0201",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2003-0201",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-7030",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0201",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#267873",
"trust": 1.6,
"value": "20.48"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#298233",
"trust": 0.8,
"value": "23.63"
},
{
"author": "CNNVD",
"id": "CNNVD-200305-012",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-7030",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2003-0201",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#298233"
},
{
"db": "VULHUB",
"id": "VHN-7030"
},
{
"db": "VULMON",
"id": "CVE-2003-0201"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000113"
},
{
"db": "NVD",
"id": "CVE-2003-0201"
},
{
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. Samba contains several buffer overflow vulnerabilitites. Samba contains several buffer overflow vulnerabilitites. An updated version has been released. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ Samba 2.2.8 Previously, when dealing with files with very long file names, smbd/trans2.c Inside StrnCpy() There is a problem with buffer overflow in functions. StrnCpy(fname,pname,namelen) Marked StrnCpy() In the function namelen using pstring Type (1024 Byte char Type array ) Variables fname Within pname Copy for that reason, pname In 1024 By giving a value larger than bytes, it is possible to cause a buffer overflow and overwrite the memory area. (CAN-2003-0201) In addition, there are other potential buffer overflow issues that stem from this issue. 3 Have been found by vendors (CAN-2003-0196) , A corrected version for all these issues Samba 2.2.8a Is published. At this time, this problem (CAN-2003-0196) Details of are unknown.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. The problem occurs when copying user-supplied data into a static buffer. By passing excessive data to an affected Samba server, it may be possible for an anonymous user to corrupt sensitive locations in memory. Samba-TNG 0.3.1 and earlier are also affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0201"
},
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#298233"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000113"
},
{
"db": "BID",
"id": "7294"
},
{
"db": "VULHUB",
"id": "VHN-7030"
},
{
"db": "VULMON",
"id": "CVE-2003-0201"
}
],
"trust": 4.23
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=55",
"trust": 1.2,
"type": "exploit"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-7030",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7030"
},
{
"db": "VULMON",
"id": "CVE-2003-0201"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "7294",
"trust": 4.5
},
{
"db": "NVD",
"id": "CVE-2003-0201",
"trust": 4.5
},
{
"db": "CERT/CC",
"id": "VU#267873",
"trust": 4.2
},
{
"db": "CERT/CC",
"id": "VU#298233",
"trust": 2.4
},
{
"db": "BID",
"id": "7106",
"trust": 0.8
},
{
"db": "BID",
"id": "7295",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000113",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20030408 [SORCERER-SPELLS] SAMBA--SORCERER2003-04-08",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030407 IMMUNIX SECURED OS 7+ SAMBA UPDATE",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030409 GLSA: SAMBA (200304-02)",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030407 [DDI-1013] BUFFER OVERFLOW IN SAMBA ALLOWS REMOTE ROOT COMPROMISE",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SA:2003:025",
"trust": 0.6
},
{
"db": "CONECTIVA",
"id": "CLA-2003:624",
"trust": 0.6
},
{
"db": "SGI",
"id": "20030403-01-P",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2003:044",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:567",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:2163",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-280",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:137",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200305-012",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-88770",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-88737",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-66978",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76273",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-88826",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-18016",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76271",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-70847",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-62711",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-71372",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-71376",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76272",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-71360",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76270",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22468",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22469",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "10",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16330",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16861",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22470",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16876",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16880",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22471",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "9924",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "7",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "84541",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "84542",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82311",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-7030",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "55",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2003-0201",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#298233"
},
{
"db": "VULHUB",
"id": "VHN-7030"
},
{
"db": "VULMON",
"id": "CVE-2003-0201"
},
{
"db": "BID",
"id": "7294"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000113"
},
{
"db": "NVD",
"id": "CVE-2003-0201"
},
{
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
]
},
"id": "VAR-200305-0049",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-7030"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:13:56.501000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX00254",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00956530"
},
{
"title": "HPSBUX0304-254",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0304-254.html"
},
{
"title": "RHSA-2003:137",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2003-137.html"
},
{
"title": "samba",
"trust": 0.8,
"url": "http://www.samba.org/samba/samba.html"
},
{
"title": "53581",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-53581-1"
},
{
"title": "53924",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-53924-1"
},
{
"title": "53581",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-53581-3"
},
{
"title": "53924",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-53924-3"
},
{
"title": "TLSA-2003-27",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2003/tlsa-2003-27.txt"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.miraclelinux.com/"
},
{
"title": "RHSA-2003:137",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-137j.html"
},
{
"title": "TLSA-2003-27",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2003/tlsa-2003-27j.txt"
},
{
"title": "trans2open-CVE-2003-0201",
"trust": 0.1,
"url": "https://github.com/kernelpan1k/trans2open-cve-2003-0201 "
},
{
"title": "Reporte-de-Resultados",
"trust": 0.1,
"url": "https://github.com/rebekattan/reporte-de-resultados "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/bensongithub/eqgrp "
},
{
"title": "Tools",
"trust": 0.1,
"url": "https://github.com/bl4ck4t/tools "
},
{
"title": "x0rzEQGRP",
"trust": 0.1,
"url": "https://github.com/happysmack/x0rzeqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/nekkidso/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/391861737/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/muhammd/eqgrp "
},
{
"title": "ShadowBrokersFiles",
"trust": 0.1,
"url": "https://github.com/r3k1ng/shadowbrokersfiles "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/ckmaenn/eqgrp "
},
{
"title": "EQGRP_Linux",
"trust": 0.1,
"url": "https://github.com/cybernetix-s3c/eqgrp_linux "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/iha114/eqgrp "
},
{
"title": "ShadowBrokersFiles",
"trust": 0.1,
"url": "https://github.com/antiscammerarmy/shadowbrokersfiles "
},
{
"title": "shadowbrokerstuff",
"trust": 0.1,
"url": "https://github.com/thetrentusdev/shadowbrokerstuff "
},
{
"title": "test",
"trust": 0.1,
"url": "https://github.com/devkosov/test "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/hackcrypto/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/ninja-tw1st/eqgrp "
},
{
"title": "leaked2",
"trust": 0.1,
"url": "https://github.com/kongjiexi/leaked2 "
},
{
"title": "bdhglopoj",
"trust": 0.1,
"url": "https://github.com/maxcvnd/bdhglopoj "
},
{
"title": "shadowbrokerstuff",
"trust": 0.1,
"url": "https://github.com/shakenetwork/shadowbrokerstuff "
},
{
"title": "x0rz-EQGRP",
"trust": 0.1,
"url": "https://github.com/r3p3r/x0rz-eqgrp "
},
{
"title": "ShadowBrokersStuff",
"trust": 0.1,
"url": "https://github.com/thetrentus/shadowbrokersstuff "
},
{
"title": "EQ1",
"trust": 0.1,
"url": "https://github.com/thepevertedspartan/eq1 "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/badbug6/eqgrp "
},
{
"title": "EQGRP-nasa",
"trust": 0.1,
"url": "https://github.com/soldie/eqgrp-nasa "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/mofty/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/thetrentus/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/namangangwar/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/x0rz/eqgrp "
},
{
"title": "SB--.-HACK-the-EQGRP-1",
"trust": 0.1,
"url": "https://github.com/cipherreborn/sb--.-hack-the-eqgrp-1 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2003-0201"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000113"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0201"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.2,
"url": "http://www.securityfocus.com/bid/7294"
},
{
"trust": 2.7,
"url": "http://www.kb.cert.org/vuls/id/267873"
},
{
"trust": 2.1,
"url": "http://www.digitaldefense.net/labs/advisories/ddi-1013.txt"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2003/dsa-280"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2003:044"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2003-137.html"
},
{
"trust": 1.8,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030403-01-p"
},
{
"trust": 1.8,
"url": "http://www.novell.com/linux/security/advisories/2003_025_samba.html"
},
{
"trust": 1.7,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000624"
},
{
"trust": 1.6,
"url": "http://lists.samba.org/pipermail/samba-announce/2003-april/000065.html"
},
{
"trust": 1.6,
"url": "http://lists.samba.org/pipermail/samba-announce/2003-march/000063.html"
},
{
"trust": 1.6,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0201"
},
{
"trust": 1.6,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0196"
},
{
"trust": 1.6,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0085"
},
{
"trust": 1.6,
"url": "http://www.kb.cert.org/vuls/id/298233"
},
{
"trust": 1.6,
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0008.html"
},
{
"trust": 1.6,
"url": "http://www.samba-tng.org/download/tng/announcement-0.3.2.txt"
},
{
"trust": 1.6,
"url": "http://www.samba-tng.org/"
},
{
"trust": 1.6,
"url": "http://www.samba.org/"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a2163"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a567"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104972664226781\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104974612519064\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104994564212488\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104981682014565\u0026w=2"
},
{
"trust": 0.8,
"url": "http://www.samba.org/samba/whatsnew/samba-2.2.8.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/7106"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0201"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0201"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/7295"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104972664226781\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104994564212488\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104981682014565\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104974612519064\u0026w=2"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:567"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:2163"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://metasploit.com/projects/framework/exploits.html"
},
{
"trust": 0.3,
"url": "http://www.samba.org"
},
{
"trust": 0.3,
"url": "http://support.coresecurity.com/impact/exploits/e3a738fd21350fa2faa7e171b121f0d4.html"
},
{
"trust": 0.3,
"url": "http://www.samba-tng.org"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f53581"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f53924"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/patches/linux/security.html"
},
{
"trust": 0.3,
"url": "http://seer.support.veritas.com/docs/256903.htm"
},
{
"trust": 0.3,
"url": "/archive/1/317758"
},
{
"trust": 0.3,
"url": "/archive/1/317985"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=104974612519064\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=104972664226781\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=104981682014565\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=104994564212488\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000624"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://github.com/kernelpan1k/trans2open-cve-2003-0201"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/55/"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/modules/exploit/solaris/samba/trans2open"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#298233"
},
{
"db": "VULHUB",
"id": "VHN-7030"
},
{
"db": "VULMON",
"id": "CVE-2003-0201"
},
{
"db": "BID",
"id": "7294"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000113"
},
{
"db": "NVD",
"id": "CVE-2003-0201"
},
{
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#298233"
},
{
"db": "VULHUB",
"id": "VHN-7030"
},
{
"db": "VULMON",
"id": "CVE-2003-0201"
},
{
"db": "BID",
"id": "7294"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000113"
},
{
"db": "NVD",
"id": "CVE-2003-0201"
},
{
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-04-10T00:00:00",
"db": "CERT/CC",
"id": "VU#267873"
},
{
"date": "2003-04-10T00:00:00",
"db": "CERT/CC",
"id": "VU#267873"
},
{
"date": "2003-03-17T00:00:00",
"db": "CERT/CC",
"id": "VU#298233"
},
{
"date": "2003-05-05T00:00:00",
"db": "VULHUB",
"id": "VHN-7030"
},
{
"date": "2003-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2003-0201"
},
{
"date": "2003-04-07T00:00:00",
"db": "BID",
"id": "7294"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000113"
},
{
"date": "2003-05-05T04:00:00",
"db": "NVD",
"id": "CVE-2003-0201"
},
{
"date": "2003-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-07-10T00:00:00",
"db": "CERT/CC",
"id": "VU#267873"
},
{
"date": "2003-07-10T00:00:00",
"db": "CERT/CC",
"id": "VU#267873"
},
{
"date": "2003-05-15T00:00:00",
"db": "CERT/CC",
"id": "VU#298233"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-7030"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2003-0201"
},
{
"date": "2009-07-11T21:06:00",
"db": "BID",
"id": "7294"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000113"
},
{
"date": "2018-10-30T16:26:22.763000",
"db": "NVD",
"id": "CVE-2003-0201"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samba contains multiple buffer overflows",
"sources": [
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#267873"
}
],
"trust": 1.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "7294"
},
{
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
],
"trust": 0.9
}
}
VAR-200505-0723
Vulnerability from variot - Updated: 2023-12-18 11:51The IPv6 support in Windows XP SP2, 2003 Server SP1, and Longhorn, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, a variant of CVE-2005-0688 and a reoccurrence of the "Land" vulnerability (CVE-1999-0016). When a packet of this type is handled, an infinite loop is initiated and the affected system halts. A remote attacker may exploit this issue to deny service for legitimate users
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200505-0723",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "datacenter_64-bit"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "standard"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "enterprise"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "enterprise_64-bit"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "web"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "windows server 2003",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "sp3"
},
{
"model": "windows xp home sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "2.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.01"
},
{
"model": "windows nt workstation sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "netbsd",
"scope": "ne",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.3.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.31"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.5"
},
{
"model": "ios aa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.6"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.0"
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt enterprise server sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.3,
"vendor": "bsdi",
"version": "3.0"
},
{
"model": "windows server enterprise edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.34"
},
{
"model": "windows nt workstation sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios f",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.4"
},
{
"model": "ios bt",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0.12"
},
{
"model": "windows nt workstation sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server enterprise edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "windows xp tablet pc edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios ia",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "netbsd",
"scope": "ne",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.3"
},
{
"model": "windows xp professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "x64"
},
{
"model": "windows xp tablet pc edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.3,
"vendor": "bsdi",
"version": "3.1"
},
{
"model": "windows server enterprise edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.1.x"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.2"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.1"
},
{
"model": "windows xp 64-bit edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3.16"
},
{
"model": "windows server enterprise edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.38"
},
{
"model": "windows server standard edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.1"
},
{
"model": "windows server standard edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "2.0"
},
{
"model": "windows xp media center edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.36"
},
{
"model": "windows xp media center edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3"
},
{
"model": "ios bt",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0.17"
},
{
"model": "windows server datacenter edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.x"
},
{
"model": "windows nt enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server datacenter edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "windows nt enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.10"
},
{
"model": "windows nt terminal server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.5"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.7"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "2.0.1"
},
{
"model": "windows server web edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows nt enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows xp tablet pc edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server enterprise edition itanium sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.3"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "1.1"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.33"
},
{
"model": "windows nt terminal server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "open desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "3.0"
},
{
"model": "windows xp embedded sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.6.1"
},
{
"model": "ios ia",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.9"
},
{
"model": "windows xp embedded",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.16"
},
{
"model": "netbsd",
"scope": "ne",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.3.2"
},
{
"model": "ios aa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.7"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0.17"
},
{
"model": "windows server datacenter edition itanium sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "windows nt enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows nt terminal server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "2.1"
},
{
"model": "windows xp professional sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.2"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.4"
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "ios a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3.19"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.1"
},
{
"model": "windows xp gold",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "0"
},
{
"model": "ios f1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.4"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.35"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "cmw+",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2"
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.3,
"vendor": "bsdi",
"version": "4.0"
},
{
"model": "windows server web edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1"
},
{
"model": "ios ca",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "windows xp media center edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios/700",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.30"
},
{
"model": "sunos",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1"
},
{
"model": "windows nt server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "95"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.2.10"
},
{
"model": "catalyst supervisor software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "29xx2.4.401"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.37"
},
{
"model": "sunos u1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1.3"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "3.5.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "atm switch",
"scope": "eq",
"trust": 0.3,
"vendor": "marconi",
"version": "6.1.1"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.32"
},
{
"model": "windows nt server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows xp professional sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp home sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "catalyst supervisor software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "29xx2.1.1102"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.2.1"
},
{
"model": "windows xp 64-bit edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0"
},
{
"model": "windows xp 64-bit edition version sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.8"
},
{
"model": "windows nt workstation sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios p",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.9"
},
{
"model": "atm switch",
"scope": "eq",
"trust": 0.3,
"vendor": "marconi",
"version": "7.0.1"
},
{
"model": "windows server datacenter edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.4"
},
{
"model": "windows nt server sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.6"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.3,
"vendor": "bsdi",
"version": "4.0.1"
},
{
"model": "windows xp 64-bit edition version",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios ca",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.7"
},
{
"model": "windows server datacenter edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.2"
},
{
"model": "windows nt terminal server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1x"
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "windows server web edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.30"
}
],
"sources": [
{
"db": "BID",
"id": "13658"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000332"
},
{
"db": "NVD",
"id": "CVE-2005-1649"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1102"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:web:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp1:embedded:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:embedded:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp2:home:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:r2:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:datacenter_64-bit:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:standard:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1649"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Konrad Malewski\u203b koyot@moon.ondraszek.ds.polsl.gliwice.pl",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-1102"
}
],
"trust": 0.6
},
"cve": "CVE-2005-1649",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2005-1649",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-1649",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200505-1102",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000332"
},
{
"db": "NVD",
"id": "CVE-2005-1649"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1102"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The IPv6 support in Windows XP SP2, 2003 Server SP1, and Longhorn, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, a variant of CVE-2005-0688 and a reoccurrence of the \"Land\" vulnerability (CVE-1999-0016). \nWhen a packet of this type is handled, an infinite loop is initiated and the affected system halts. \nA remote attacker may exploit this issue to deny service for legitimate users",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1649"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000332"
},
{
"db": "BID",
"id": "13658"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-1649",
"trust": 2.7
},
{
"db": "BID",
"id": "13658",
"trust": 2.7
},
{
"db": "VUPEN",
"id": "ADV-2005-0559",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000332",
"trust": 0.8
},
{
"db": "NTBUGTRAQ",
"id": "20050516 WINDOWS (XP, 2K3, LONGHORN) IS VULNERABLE TO IPV6 LAND ATTACK.",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1102",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "13658"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000332"
},
{
"db": "NVD",
"id": "CVE-2005-1649"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1102"
}
]
},
"id": "VAR-200505-0723",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.33667661
},
"last_update_date": "2023-12-18T11:51:36.418000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.microsoft.com/ja/jp/default.aspx"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000332"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1649"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/13658"
},
{
"trust": 1.6,
"url": "http://www.ntbugtraq.com/default.aspx?pid=36\u0026sid=1\u0026a2=ind0505\u0026l=ntbugtraq\u0026p=r409\u0026d=0\u0026f=n\u0026h=0\u0026o=d\u0026t=0"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2005/0559"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2005/0559"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-1649"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-1649"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-217.htm"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/support/kb/articles/q165/0/05.asp"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/support/kb/articles/q177/5/39.asp"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/tidfinder.cgi?2932511"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/770/land-pub.shtml#iosvers"
},
{
"trust": 0.3,
"url": "http://www.securityfocus.com/archive/1/392354"
},
{
"trust": 0.3,
"url": "/archive/1/392642"
},
{
"trust": 0.3,
"url": "/archive/1/393045"
},
{
"trust": 0.3,
"url": "/archive/1/400188"
},
{
"trust": 0.3,
"url": "/archive/1/392354"
}
],
"sources": [
{
"db": "BID",
"id": "13658"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000332"
},
{
"db": "NVD",
"id": "CVE-2005-1649"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1102"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "13658"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000332"
},
{
"db": "NVD",
"id": "CVE-2005-1649"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1102"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-05-17T00:00:00",
"db": "BID",
"id": "13658"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000332"
},
{
"date": "2005-05-18T04:00:00",
"db": "NVD",
"id": "CVE-2005-1649"
},
{
"date": "1997-11-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-1102"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "13658"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000332"
},
{
"date": "2017-01-20T02:59:01.120000",
"db": "NVD",
"id": "CVE-2005-1649"
},
{
"date": "2005-10-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-1102"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-1102"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Windows Illegal in IPv6 Service disruption due to packets (Dos) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000332"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-1102"
}
],
"trust": 0.6
}
}
VAR-199712-0007
Vulnerability from variot - Updated: 2023-12-18 11:45Land IP denial of service. MSN Messenger clients before version 7.0 will allow remote attackers to take control of a computer if malicious GIF files are processed. Microsoft Windows does not adequately validate IP options, allowing an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service. An attacker could take complete control of a vulnerable system. A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by sending a TCP SYN packet with the source address and port spoofed to equal the destination source and port. When a packet of this sort is received, an infinite loop is initiated and the affected system halts. This is known to affect Windows 95, Windows NT 4.0 up to SP3, Windows Server 2003, Windows XP SP2, Cisco IOS devices & Catalyst switches, and HP-UX up to 11.00. It is noted that on Windows Server 2003 and XP SP2, the TCP and IP checksums must be correct to trigger the issue. **Update: It is reported that Microsoft platforms are also prone to this vulnerability. The vendor reports that network routers may not route malformed TCP/IP packets used to exploit this issue. As a result, an attacker may have to discover a suitable route to a target computer, or reside on the target network segment itself before exploitation is possible. The TCP/IP network protocol stack is the most widely used network protocol for Internet networking implemented by most operating systems. There are loopholes in the TCP/IP protocol stack implementation of early BSD-derived systems (except Linux) and Windows systems, and remote attackers can use this loophole to carry out denial-of-service attacks on the server. Due to problems in the implementation of TCP/IP, the target system may have problems processing such malformed packets. Many old versions of UNIX-like operating systems will crash, and NT's CPU resource usage will be close to 100\% (for about five minutes).
The vulnerability is caused due to improper handling of IP packets with the same destination and source IP and the SYN flag set. This causes a system to consume all available CPU resources for a certain period of time.
This kind of attack was first reported in 1997 and became known as LAND attacks.
SOLUTION: Filter traffic with the same IP address as source and destination address at the perimeter.
The vulnerability is caused due to a boundary error in the SMTP service within the handling of a certain extended verb request. This can be exploited to cause a heap-based buffer overflow by connecting to the SMTP service and issuing a specially crafted command. Instead, this requires permissions usually only granted to other Exchange servers in a domain.
Microsoft Exchange 2000 Server (requires SP3): http://www.microsoft.com/downloads/details.aspx?FamilyId=2A2AF17E-2E4A-4479-8AC9-B5544EA0BD66
Microsoft Exchange Server 2003: http://www.microsoft.com/downloads/details.aspx?FamilyId=97F409EB-C8D0-4C94-A67B-5945E26C9267
Microsoft Exchange Server 2003 (requires SP1): http://www.microsoft.com/downloads/details.aspx?FamilyId=35BCE74A-E84A-4035-BF18-196368F032CC
The following versions are not affected: * Microsoft Exchange Server 5.5 SP4 * Microsoft Exchange Server 5.0 SP2
PROVIDED AND/OR DISCOVERED BY: Mark Dowd and Ben Layer, ISS X-Force.
ORIGINAL ADVISORY: MS05-021 (KB894549): http://www.microsoft.com/technet/security/Bulletin/MS05-021.mspx
ISS X-Force: http://xforce.iss.net/xforce/alerts/id/193
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA05-102A
Multiple Vulnerabilities in Microsoft Windows Components
Original release date: April 12, 2005 Last revised: -- Source: US-CERT
Systems Affected
* Microsoft Windows Systems
For a complete list of affected versions of the Windows operating systems and components, refer to the Microsoft Security Bulletins.
Overview
Microsoft has released a Security Bulletin Summary for April, 2005. This summary includes several bulletins that address vulnerabilities in various Windows applications and components. Details of the vulnerabilities and their impacts are provided below.
I. Description
The list below provides a mapping between Microsoft's Security Bulletins and the related US-CERT Vulnerability Notes. More information related to the vulnerabilities is available in these documents.
III. Solution
Apply a patch
Microsoft has provided the patches for these vulnerabilities in the Security Bulletins and on Windows Update.
Appendix A. References
* Microsoft's Security Bulletin Summary for April, 2005 - <
http://www.microsoft.com/technet/security/bulletin/ms05-apr.mspx>
* US-CERT Vulnerability Note VU#774338 -
<http://www.kb.cert.org/vuls/id/774338>
* US-CERT Vulnerability Note VU#756122 -
<http://www.kb.cert.org/vuls/id/756122>
* US-CERT Vulnerability Note VU#222050 -
<http://www.kb.cert.org/vuls/id/222050>
* US-CERT Vulnerability Note VU#275193 -
<http://www.kb.cert.org/vuls/id/275193>
* US-CERT Vulnerability Note VU#633446 -
<http://www.kb.cert.org/vuls/id/633446>
* US-CERT Vulnerability Note VU#233754 -
<http://www.kb.cert.org/vuls/id/233754>
Feedback can be directed to the authors: Will Dormann, Jeff Gennari, Chad Dougherty, Ken MacInnis, Jason Rafail, Art Manion, and Jeff Havrilla.
This document is available from:
<http://www.us-cert.gov/cas/techalerts/TA05-102A.html>
Copyright 2005 Carnegie Mellon University.
Terms of use: http://www.us-cert.gov/legal.html
Revision History
April 12, 2005: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBQlxwexhoSezw4YfQAQJ4RAf/bTgaa6SBDMJveqW/GnQET79F9aVPM1S2 glam1w4YFyOdyIHpDYqQZRBqgXgpJjel/MiH02tZreU5mgIjkPIWA3gleepyWvnN 7VYv8KcbSnyvGxDl/8K2YjFz550gxA3pkRD7IiqdpOums87lJ7xM7sjdUY0ZA8aF JEvA4gfndpgLSuISV7Gf8y1s4MU329DurNy3t8W4EB9Iuef/E4Z058IvHnz9dTnT XwBnyW1KfH2Ohpy7QBOtcXt1wXU8X0F+d01g/VZmTL7xVwXmcPi8UpS7bPK8A17+ asqo582KjZVR56iL7fqNQzsrXUGZncEnX/8QOhi3Ym2LfAEkKrg3rw== =BY/p -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199712-0007",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 5.6,
"vendor": "microsoft",
"version": null
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.9,
"vendor": "sun",
"version": "4.1.4"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "4.1.3u1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.01"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.0"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 1.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.16"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.30"
},
{
"model": "inet",
"scope": "eq",
"trust": 1.0,
"vendor": "gnu",
"version": "5.01"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "9.05"
},
{
"model": "winsock",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "2.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "9.04"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "9.07"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "9.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "9.01"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7000"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "9.03"
},
{
"model": "windows 95",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.00"
},
{
"model": "windows xp home sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "2.1"
},
{
"model": "windows nt workstation sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "netbsd",
"scope": "ne",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.3.1"
},
{
"model": "windows nt sp5",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.31"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.5"
},
{
"model": "ios aa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.6"
},
{
"model": "windows nt sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt enterprise server sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.3,
"vendor": "bsdi",
"version": "3.0"
},
{
"model": "windows server enterprise edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.34"
},
{
"model": "windows nt workstation sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios f",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.4"
},
{
"model": "ios bt",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0.12"
},
{
"model": "windows nt workstation sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server enterprise edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "windows xp tablet pc edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios ia",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "netbsd",
"scope": "ne",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.3"
},
{
"model": "windows xp tablet pc edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.3,
"vendor": "bsdi",
"version": "3.1"
},
{
"model": "windows nt sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server enterprise edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.1.x"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.2"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.1"
},
{
"model": "windows xp 64-bit edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3.16"
},
{
"model": "windows server enterprise edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.38"
},
{
"model": "windows server standard edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.1"
},
{
"model": "windows server standard edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "2.0"
},
{
"model": "windows xp media center edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.36"
},
{
"model": "windows xp media center edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3"
},
{
"model": "ios bt",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0.17"
},
{
"model": "windows server datacenter edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "windows nt sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.x"
},
{
"model": "windows nt enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server datacenter edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "windows nt enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.10"
},
{
"model": "windows nt terminal server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.5"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.7"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "2.0.1"
},
{
"model": "windows server web edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows nt enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows xp tablet pc edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server enterprise edition itanium sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.3"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "1.1"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.33"
},
{
"model": "windows nt terminal server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "open desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.6.1"
},
{
"model": "ios ia",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.9"
},
{
"model": "netbsd",
"scope": "ne",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.3.2"
},
{
"model": "ios aa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.7"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0.17"
},
{
"model": "windows server datacenter edition itanium sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "windows nt enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows nt terminal server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "2.1"
},
{
"model": "windows xp professional sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt sp3 alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.2"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.4"
},
{
"model": "ios a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3.19"
},
{
"model": "ios f1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.4"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.35"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "cmw+",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2"
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.3,
"vendor": "bsdi",
"version": "4.0"
},
{
"model": "windows server web edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1"
},
{
"model": "ios ca",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "windows xp media center edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios/700",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.30"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1"
},
{
"model": "windows nt server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "95"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.2.10"
},
{
"model": "catalyst supervisor software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "29xx2.4.401"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.37"
},
{
"model": "sunos u1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1.3"
},
{
"model": "windows nt sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "3.5.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "atm switch",
"scope": "eq",
"trust": 0.3,
"vendor": "marconi",
"version": "6.1.1"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.0.32"
},
{
"model": "windows nt server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows xp professional sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp home sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "catalyst supervisor software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "29xx2.1.1102"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.2.1"
},
{
"model": "windows xp 64-bit edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0"
},
{
"model": "windows xp 64-bit edition version sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.8"
},
{
"model": "windows nt workstation sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios p",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2.9"
},
{
"model": "atm switch",
"scope": "eq",
"trust": 0.3,
"vendor": "marconi",
"version": "7.0.1"
},
{
"model": "windows nt sp6",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server datacenter edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.4"
},
{
"model": "windows nt server sp4",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.15"
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.6"
},
{
"model": "bsd/os",
"scope": "ne",
"trust": 0.3,
"vendor": "bsdi",
"version": "4.0.1"
},
{
"model": "windows xp 64-bit edition version",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios ca",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1.7"
},
{
"model": "windows server datacenter edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.2"
},
{
"model": "windows nt terminal server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1x"
},
{
"model": "windows server web edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#774338"
},
{
"db": "CERT/CC",
"id": "VU#756122"
},
{
"db": "CERT/CC",
"id": "VU#222050"
},
{
"db": "CERT/CC",
"id": "VU#633446"
},
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "BID",
"id": "2666"
},
{
"db": "NVD",
"id": "CVE-1999-0016"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-002"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:7000:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:gnu:inet:5.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:winsock:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:9.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:9.05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:9.07:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_95:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:9.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:9.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:4.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:9.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:4.1.3u1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0016"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "m3lt meltman@lagged.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199712-002"
}
],
"trust": 0.6
},
"cve": "CVE-1999-0016",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-16",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-1999-0016",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-1999-0016",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#774338",
"trust": 0.8,
"value": "21.80"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#756122",
"trust": 0.8,
"value": "21.80"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#222050",
"trust": 0.8,
"value": "4.36"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#633446",
"trust": 0.8,
"value": "23.63"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#396645",
"trust": 0.8,
"value": "12.15"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#233754",
"trust": 0.8,
"value": "12.29"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#275193",
"trust": 0.8,
"value": "36.15"
},
{
"author": "CNNVD",
"id": "CNNVD-199712-002",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-16",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-1999-0016",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#774338"
},
{
"db": "CERT/CC",
"id": "VU#756122"
},
{
"db": "CERT/CC",
"id": "VU#222050"
},
{
"db": "CERT/CC",
"id": "VU#633446"
},
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "VULHUB",
"id": "VHN-16"
},
{
"db": "VULMON",
"id": "CVE-1999-0016"
},
{
"db": "NVD",
"id": "CVE-1999-0016"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-002"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Land IP denial of service. MSN Messenger clients before version 7.0 will allow remote attackers to take control of a computer if malicious GIF files are processed. Microsoft Windows does not adequately validate IP options, allowing an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service. An attacker could take complete control of a vulnerable system. A number of TCP/IP stacks are vulnerable to a \"loopback\" condition initiated by sending a TCP SYN packet with the source address and port spoofed to equal the destination source and port. When a packet of this sort is received, an infinite loop is initiated and the affected system halts. This is known to affect Windows 95, Windows NT 4.0 up to SP3, Windows Server 2003, Windows XP SP2, Cisco IOS devices \u0026amp; Catalyst switches, and HP-UX up to 11.00. \nIt is noted that on Windows Server 2003 and XP SP2, the TCP and IP checksums must be correct to trigger the issue. \n**Update: It is reported that Microsoft platforms are also prone to this vulnerability. The vendor reports that network routers may not route malformed TCP/IP packets used to exploit this issue. As a result, an attacker may have to discover a suitable route to a target computer, or reside on the target network segment itself before exploitation is possible. The TCP/IP network protocol stack is the most widely used network protocol for Internet networking implemented by most operating systems. There are loopholes in the TCP/IP protocol stack implementation of early BSD-derived systems (except Linux) and Windows systems, and remote attackers can use this loophole to carry out denial-of-service attacks on the server. Due to problems in the implementation of TCP/IP, the target system may have problems processing such malformed packets. Many old versions of UNIX-like operating systems will crash, and NT\u0027s CPU resource usage will be close to 100\\\\% (for about five minutes). \n\nThe vulnerability is caused due to improper handling of IP packets\nwith the same destination and source IP and the SYN flag set. This\ncauses a system to consume all available CPU resources for a certain\nperiod of time. \n\nThis kind of attack was first reported in 1997 and became known as\nLAND attacks. \n\nSOLUTION:\nFilter traffic with the same IP address as source and destination\naddress at the perimeter. \n\nThe vulnerability is caused due to a boundary error in the SMTP\nservice within the handling of a certain extended verb request. This\ncan be exploited to cause a heap-based buffer overflow by connecting\nto the SMTP service and issuing a specially crafted command. Instead, this requires permissions\nusually only granted to other Exchange servers in a domain. \n\nMicrosoft Exchange 2000 Server (requires SP3):\nhttp://www.microsoft.com/downloads/details.aspx?FamilyId=2A2AF17E-2E4A-4479-8AC9-B5544EA0BD66\n\nMicrosoft Exchange Server 2003:\nhttp://www.microsoft.com/downloads/details.aspx?FamilyId=97F409EB-C8D0-4C94-A67B-5945E26C9267\n\nMicrosoft Exchange Server 2003 (requires SP1):\nhttp://www.microsoft.com/downloads/details.aspx?FamilyId=35BCE74A-E84A-4035-BF18-196368F032CC\n\nThe following versions are not affected:\n* Microsoft Exchange Server 5.5 SP4\n* Microsoft Exchange Server 5.0 SP2\n\nPROVIDED AND/OR DISCOVERED BY:\nMark Dowd and Ben Layer, ISS X-Force. \n\nORIGINAL ADVISORY:\nMS05-021 (KB894549):\nhttp://www.microsoft.com/technet/security/Bulletin/MS05-021.mspx\n\nISS X-Force:\nhttp://xforce.iss.net/xforce/alerts/id/193\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n National Cyber Alert System \n\n Technical Cyber Security Alert TA05-102A \n\nMultiple Vulnerabilities in Microsoft Windows Components\n\n Original release date: April 12, 2005\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Microsoft Windows Systems\n\n For a complete list of affected versions of the Windows operating\n systems and components, refer to the Microsoft Security Bulletins. \n\n\nOverview\n\n Microsoft has released a Security Bulletin Summary for April, 2005. \n This summary includes several bulletins that address\n vulnerabilities in various Windows applications and\n components. Details of\n the vulnerabilities and their impacts are provided below. \n\n\nI. Description\n\n The list below provides a mapping between Microsoft\u0027s Security\n Bulletins and the related US-CERT Vulnerability Notes. More\n information related to the vulnerabilities is available in these\n documents. \n\n\nIII. Solution\n\nApply a patch\n\n Microsoft has provided the patches for these vulnerabilities in the\n Security Bulletins and on Windows Update. \n\n\nAppendix A. References\n\n * Microsoft\u0027s Security Bulletin Summary for April, 2005 - \u003c\n http://www.microsoft.com/technet/security/bulletin/ms05-apr.mspx\u003e\n\n * US-CERT Vulnerability Note VU#774338 -\n \u003chttp://www.kb.cert.org/vuls/id/774338\u003e\n\n * US-CERT Vulnerability Note VU#756122 -\n \u003chttp://www.kb.cert.org/vuls/id/756122\u003e\n\n * US-CERT Vulnerability Note VU#222050 -\n \u003chttp://www.kb.cert.org/vuls/id/222050\u003e\n\n * US-CERT Vulnerability Note VU#275193 -\n \u003chttp://www.kb.cert.org/vuls/id/275193\u003e\n\n * US-CERT Vulnerability Note VU#633446 -\n \u003chttp://www.kb.cert.org/vuls/id/633446\u003e\n\n * US-CERT Vulnerability Note VU#233754 -\n \u003chttp://www.kb.cert.org/vuls/id/233754\u003e\n _________________________________________________________________\n\n Feedback can be directed to the authors: Will Dormann, Jeff Gennari,\n Chad Dougherty, Ken MacInnis, Jason Rafail, Art Manion, and Jeff\n Havrilla. \n _________________________________________________________________\n\n This document is available from: \n \n \u003chttp://www.us-cert.gov/cas/techalerts/TA05-102A.html\u003e \n \n _________________________________________________________________\n\n Copyright 2005 Carnegie Mellon University. \n \n Terms of use: \u003chttp://www.us-cert.gov/legal.html\u003e\n _________________________________________________________________\n\n Revision History\n\n April 12, 2005: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBQlxwexhoSezw4YfQAQJ4RAf/bTgaa6SBDMJveqW/GnQET79F9aVPM1S2\nglam1w4YFyOdyIHpDYqQZRBqgXgpJjel/MiH02tZreU5mgIjkPIWA3gleepyWvnN\n7VYv8KcbSnyvGxDl/8K2YjFz550gxA3pkRD7IiqdpOums87lJ7xM7sjdUY0ZA8aF\nJEvA4gfndpgLSuISV7Gf8y1s4MU329DurNy3t8W4EB9Iuef/E4Z058IvHnz9dTnT\nXwBnyW1KfH2Ohpy7QBOtcXt1wXU8X0F+d01g/VZmTL7xVwXmcPi8UpS7bPK8A17+\nasqo582KjZVR56iL7fqNQzsrXUGZncEnX/8QOhi3Ym2LfAEkKrg3rw==\n=BY/p\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0016"
},
{
"db": "CERT/CC",
"id": "VU#774338"
},
{
"db": "CERT/CC",
"id": "VU#756122"
},
{
"db": "CERT/CC",
"id": "VU#222050"
},
{
"db": "CERT/CC",
"id": "VU#633446"
},
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "BID",
"id": "2666"
},
{
"db": "VULHUB",
"id": "VHN-16"
},
{
"db": "VULMON",
"id": "CVE-1999-0016"
},
{
"db": "PACKETSTORM",
"id": "36523"
},
{
"db": "PACKETSTORM",
"id": "37141"
},
{
"db": "PACKETSTORM",
"id": "37198"
}
],
"trust": 6.66
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=20812",
"trust": 0.5,
"type": "exploit"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-16",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16"
},
{
"db": "VULMON",
"id": "CVE-1999-0016"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-1999-0016",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "14512",
"trust": 1.7
},
{
"db": "BID",
"id": "2666",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#774338",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#756122",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#222050",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#633446",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#233754",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "14920",
"trust": 0.9
},
{
"db": "USCERT",
"id": "TA05-102A",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#275193",
"trust": 0.9
},
{
"db": "OSVDB",
"id": "14578",
"trust": 0.8
},
{
"db": "XF",
"id": "19593",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#396645",
"trust": 0.8
},
{
"db": "BID",
"id": "13116",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1013686",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "15467",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-199712-002",
"trust": 0.7
},
{
"db": "HP",
"id": "HPSBUX9801-076",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "20812",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "20810",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "20814",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "20813",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "20811",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-16",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-1999-0016",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "36523",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37141",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37198",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#774338"
},
{
"db": "CERT/CC",
"id": "VU#756122"
},
{
"db": "CERT/CC",
"id": "VU#222050"
},
{
"db": "CERT/CC",
"id": "VU#633446"
},
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "VULHUB",
"id": "VHN-16"
},
{
"db": "VULMON",
"id": "CVE-1999-0016"
},
{
"db": "BID",
"id": "2666"
},
{
"db": "PACKETSTORM",
"id": "36523"
},
{
"db": "PACKETSTORM",
"id": "37141"
},
{
"db": "PACKETSTORM",
"id": "37198"
},
{
"db": "NVD",
"id": "CVE-1999-0016"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-002"
}
]
},
"id": "VAR-199712-0007",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-16"
}
],
"trust": 0.43667661
},
"last_update_date": "2023-12-18T11:45:22.618000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CVE-1999-0016-Land-DOS-tool",
"trust": 0.1,
"url": "https://github.com/pexmee/cve-1999-0016-land-dos-tool "
},
{
"title": "opensims",
"trust": 0.1,
"url": "https://github.com/ascendantlogic/opensims "
},
{
"title": "CVE-1999-0016-POC",
"trust": 0.1,
"url": "https://github.com/pommaq/cve-1999-0016-poc "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-1999-0016"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0016"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx"
},
{
"trust": 1.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=hpsbux9801-076"
},
{
"trust": 1.6,
"url": "about vulnerability notes"
},
{
"trust": 1.6,
"url": "contact us about this vulnerability"
},
{
"trust": 1.6,
"url": "provide a vendor statement"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/14512/"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/xforce/alerts/id/193"
},
{
"trust": 0.9,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-021.mspx"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/14920/"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-020.mspx"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=228\u0026type=vulnerabilities"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/security/bulletins/200504_msnmessenger.mspx"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-022.mspx"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/kb/889829"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/kb/896597"
},
{
"trust": 0.8,
"url": "http://messenger.msn.com"
},
{
"trust": 0.8,
"url": "http://www.w3.org/graphics/gif/spec-gif89a.txt"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/14512"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2666 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/19593"
},
{
"trust": 0.8,
"url": "http://osvdb.org/displayvuln.php?osvdb_id=14578"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/alerts/id/192"
},
{
"trust": 0.8,
"url": "http://www.iana.org/assignments/ip-parameters"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/13116/"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/apr/1013686.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta05-102a.html"
},
{
"trust": 0.8,
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=15467"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/support/kb/articles/q165/0/05.asp"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/support/kb/articles/q177/5/39.asp"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/tidfinder.cgi?2932511"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/770/land-pub.shtml#iosvers"
},
{
"trust": 0.3,
"url": "http://www.securityfocus.com/archive/1/392354"
},
{
"trust": 0.3,
"url": "/archive/1/392642"
},
{
"trust": 0.3,
"url": "/archive/1/393045"
},
{
"trust": 0.3,
"url": "/archive/1/392354"
},
{
"trust": 0.2,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": ""
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://github.com/pexmee/cve-1999-0016-land-dos-tool"
},
{
"trust": 0.1,
"url": "https://github.com/ascendantlogic/opensims"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/20812/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=8889"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1173/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/22/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1174/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1176/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1175/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?f=l"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=35bce74a-e84a-4035-bf18-196368f032cc"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=2a2af17e-2e4a-4479-8ac9-b5544ea0bd66"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/41/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=97f409eb-c8d0-4c94-a67b-5945e26c9267"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1828/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/633446\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/222050\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/233754\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/275193\u003e"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-apr.mspx\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/774338\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta05-102a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/756122\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#774338"
},
{
"db": "CERT/CC",
"id": "VU#756122"
},
{
"db": "CERT/CC",
"id": "VU#222050"
},
{
"db": "CERT/CC",
"id": "VU#633446"
},
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "VULHUB",
"id": "VHN-16"
},
{
"db": "VULMON",
"id": "CVE-1999-0016"
},
{
"db": "BID",
"id": "2666"
},
{
"db": "PACKETSTORM",
"id": "36523"
},
{
"db": "PACKETSTORM",
"id": "37141"
},
{
"db": "PACKETSTORM",
"id": "37198"
},
{
"db": "NVD",
"id": "CVE-1999-0016"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-002"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#774338"
},
{
"db": "CERT/CC",
"id": "VU#756122"
},
{
"db": "CERT/CC",
"id": "VU#222050"
},
{
"db": "CERT/CC",
"id": "VU#633446"
},
{
"db": "CERT/CC",
"id": "VU#396645"
},
{
"db": "CERT/CC",
"id": "VU#233754"
},
{
"db": "CERT/CC",
"id": "VU#275193"
},
{
"db": "VULHUB",
"id": "VHN-16"
},
{
"db": "VULMON",
"id": "CVE-1999-0016"
},
{
"db": "BID",
"id": "2666"
},
{
"db": "PACKETSTORM",
"id": "36523"
},
{
"db": "PACKETSTORM",
"id": "37141"
},
{
"db": "PACKETSTORM",
"id": "37198"
},
{
"db": "NVD",
"id": "CVE-1999-0016"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-002"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#774338"
},
{
"date": "2005-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#756122"
},
{
"date": "2005-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#222050"
},
{
"date": "2005-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#633446"
},
{
"date": "2005-04-13T00:00:00",
"db": "CERT/CC",
"id": "VU#396645"
},
{
"date": "2005-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#233754"
},
{
"date": "2005-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#275193"
},
{
"date": "1997-12-01T00:00:00",
"db": "VULHUB",
"id": "VHN-16"
},
{
"date": "1997-12-01T00:00:00",
"db": "VULMON",
"id": "CVE-1999-0016"
},
{
"date": "1997-11-20T00:00:00",
"db": "BID",
"id": "2666"
},
{
"date": "2005-03-15T04:45:15",
"db": "PACKETSTORM",
"id": "36523"
},
{
"date": "2005-04-18T07:20:47",
"db": "PACKETSTORM",
"id": "37141"
},
{
"date": "2005-04-19T06:59:49",
"db": "PACKETSTORM",
"id": "37198"
},
{
"date": "1997-12-01T05:00:00",
"db": "NVD",
"id": "CVE-1999-0016"
},
{
"date": "1997-11-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199712-002"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-08-18T00:00:00",
"db": "CERT/CC",
"id": "VU#774338"
},
{
"date": "2005-04-13T00:00:00",
"db": "CERT/CC",
"id": "VU#756122"
},
{
"date": "2005-04-13T00:00:00",
"db": "CERT/CC",
"id": "VU#222050"
},
{
"date": "2005-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#633446"
},
{
"date": "2005-04-13T00:00:00",
"db": "CERT/CC",
"id": "VU#396645"
},
{
"date": "2005-05-03T00:00:00",
"db": "CERT/CC",
"id": "VU#233754"
},
{
"date": "2005-08-02T00:00:00",
"db": "CERT/CC",
"id": "VU#275193"
},
{
"date": "2008-09-09T00:00:00",
"db": "VULHUB",
"id": "VHN-16"
},
{
"date": "2008-09-09T00:00:00",
"db": "VULMON",
"id": "CVE-1999-0016"
},
{
"date": "2009-07-11T06:06:00",
"db": "BID",
"id": "2666"
},
{
"date": "2008-09-09T12:33:32.243000",
"db": "NVD",
"id": "CVE-1999-0016"
},
{
"date": "2006-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199712-002"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "37198"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-002"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Internet Explorer DHTML objects contain a race condition",
"sources": [
{
"db": "CERT/CC",
"id": "VU#774338"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199712-002"
}
],
"trust": 0.6
}
}
VAR-200402-0070
Vulnerability from variot - Updated: 2023-12-18 11:45mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. Patches have been released for the Apache mod_digest module to include digest replay protection. The module reportedly did not adequately verify client-supplied nonces against the server issued nonce. This could permit a remote attacker to replay the response of another website or section of the same website under some circumstances. It should be noted that this issue does not exist in mod_auth_digest module. Apache is a popular WEB server program. A remote attacker could exploit this vulnerability to forge responses from other sites. This vulnerability only occurs when the username and password of the user on the fake station and the server are the same, and the actual name is also the same, but this situation is relatively rare
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200402-0070",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "solaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "9.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "8.0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "3.5"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "3.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "1.3.19"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 1.3,
"vendor": "avaya",
"version": "2.0.1"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 1.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 1.3,
"vendor": "avaya",
"version": "1.3.1"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 1.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.18"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.7"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.25"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.23"
},
{
"model": "apache mod digest apple",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "modular messaging message storage server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.9"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.19"
},
{
"model": "virtualvault",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "4.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.28"
},
{
"model": "openserver",
"scope": "eq",
"trust": 1.0,
"vendor": "sco",
"version": "5.0.7"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.27"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "openbsd",
"version": "current"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.3"
},
{
"model": "network routing",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "*"
},
{
"model": "webproxy",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "a.02.10"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.6"
},
{
"model": "mn100",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "*"
},
{
"model": "modular messaging message storage server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "virtualvault",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "4.7"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.14"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "*"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.11"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.17"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.8"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.29"
},
{
"model": "openserver",
"scope": "eq",
"trust": 1.0,
"vendor": "sco",
"version": "5.0.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.20"
},
{
"model": "webproxy",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "a.02.00"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.22"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.1"
},
{
"model": "virtualvault",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "4.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.26"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.24"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.7"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.6"
},
{
"model": "stronghold",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "-current",
"scope": null,
"trust": 0.3,
"vendor": "openbsd",
"version": null
},
{
"model": "webproxy a.02.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "webproxy a.02.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "virtualvault a.04.70",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "virtualvault a.04.60",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "virtualvault a.04.50",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "network routing",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "mn100",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mod digest apple",
"scope": null,
"trust": 0.3,
"vendor": "apple",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.29"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.28"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.27"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.26"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.25"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.24"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.23"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.22"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.20"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.19"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.18"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.17"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.14"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.12"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.11"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.9"
},
{
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.7"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.6"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.4"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3"
},
{
"model": "posadis",
"scope": "ne",
"trust": 0.3,
"vendor": "posadis",
"version": "1.3.31"
},
{
"model": "apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.31"
}
],
"sources": [
{
"db": "BID",
"id": "9571"
},
{
"db": "NVD",
"id": "CVE-2004-1082"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-019"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.7:*:dev:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:virtualvault:4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:virtualvault:4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:communication_manager:1.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:communication_manager:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:webproxy:a.02.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:http_server:1.3.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:apache_mod_digest_apple:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:communication_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:virtualvault:4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:webproxy:a.02.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:communication_manager:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:intuity_audix_lx:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:avaya:network_routing:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:current:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:mn100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1082"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dirk-Willem van Gulik\nOpenPKG\u203b openpkg@openpkg.org",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200402-019"
}
],
"trust": 0.6
},
"cve": "CVE-2004-1082",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9512",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-1082",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200402-019",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9512",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9512"
},
{
"db": "NVD",
"id": "CVE-2004-1082"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-019"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. Patches have been released for the Apache mod_digest module to include digest replay protection. The module reportedly did not adequately verify client-supplied nonces against the server issued nonce. This could permit a remote attacker to replay the response of another website or section of the same website under some circumstances. \nIt should be noted that this issue does not exist in mod_auth_digest module. Apache is a popular WEB server program. A remote attacker could exploit this vulnerability to forge responses from other sites. This vulnerability only occurs when the username and password of the user on the fake station and the server are the same, and the actual name is also the same, but this situation is relatively rare",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1082"
},
{
"db": "BID",
"id": "9571"
},
{
"db": "VULHUB",
"id": "VHN-9512"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "9571",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-1082",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1012414",
"trust": 1.7
},
{
"db": "XF",
"id": "18347",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2004-12-02",
"trust": 0.6
},
{
"db": "CIAC",
"id": "P-049",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200402-019",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-9512",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9512"
},
{
"db": "BID",
"id": "9571"
},
{
"db": "NVD",
"id": "CVE-2004-1082"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-019"
}
]
},
"id": "VAR-200402-0070",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9512"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:45:21.940000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1082"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2004/dec/msg00000.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/9571"
},
{
"trust": 1.7,
"url": "http://www.ciac.org/ciac/bulletins/p-049.shtml"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/alerts/2004/dec/1012414.html"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18347"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/18347"
},
{
"trust": 0.3,
"url": "http://www.mail-archive.com/dev@httpd.apache.org/msg19005.html"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2005-010_rhsa-2004-600.pdf"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2004-600.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2005-816.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57628"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9512"
},
{
"db": "BID",
"id": "9571"
},
{
"db": "NVD",
"id": "CVE-2004-1082"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-019"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-9512"
},
{
"db": "BID",
"id": "9571"
},
{
"db": "NVD",
"id": "CVE-2004-1082"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-019"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-02-03T00:00:00",
"db": "VULHUB",
"id": "VHN-9512"
},
{
"date": "2004-02-03T00:00:00",
"db": "BID",
"id": "9571"
},
{
"date": "2004-02-03T05:00:00",
"db": "NVD",
"id": "CVE-2004-1082"
},
{
"date": "2003-07-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200402-019"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-9512"
},
{
"date": "2009-07-12T02:06:00",
"db": "BID",
"id": "9571"
},
{
"date": "2018-10-30T16:25:37.090000",
"db": "NVD",
"id": "CVE-2004-1082"
},
{
"date": "2006-08-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200402-019"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200402-019"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache mod_digest Customer supply Nonce Confirmation vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200402-019"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access verification error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200402-019"
}
],
"trust": 0.6
}
}
VAR-200504-0002
Vulnerability from variot - Updated: 2023-12-18 11:41Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. A vulnerability exists in the reliance of the Border Gateway Protocol (BGP) on the Transmission Control Protocol (TCP) to maintain persistent sessions. Sustained exploitation of this vulnerability could lead to a denial-of-service condition affecting a large segment of the Internet community. Normal operations would most likely resume shortly after the attack stopped. In multiple vendor products TCP The implementation of ICMP Included in error message IP Address and TCP There is a flaw that only validates the port and does not check that the sequence number is in the proper range. This is illegal ICMP hard error By processing the message, TCP A vulnerability exists in which connections are reset. The vulnerability is ICMP Vulnerabilities resulting from message processing (CVE-2004-0790, CVE-2004-0791, CVE-2004-1060) Out of CVE-2004-0790 Vulnerability published as. TCP Due to vulnerabilities that affect implementation, a wide range of products are affected by these vulnerabilities. For more information, NISCC-532967 (JVN) , NISCC Advisory 532967/NISCC/ICMP (CPNI Advisory 00303) Please check also.Fraudulent ICMP By processing error messages TCP Connection is reset, resulting in service disruption (DoS) It can cause a condition. Multiple vendor implementations of TCP/IP Internet Control Message Protocol (ICMP) are reported prone to several denial-of-service attacks. ICMP is employed by network nodes to determine certain automatic actions to take based on network failures reported by an ICMP message. Reportedly, the RFC doesn't recommend security checks for ICMP error messages. As long as an ICMP message contains a valid source and destination IP address and port pair, it will be accepted for an associated connection. The following individual attacks are reported: - A blind connection-reset attack. This attack takes advantage of the specification that describes that on receiving a 'hard' ICMP error, the corresponding connection should be aborted. The Mitre ID CAN-2004-0790 is assigned to this issue. A remote attacker may exploit this issue to terminate target TCP connections and deny service for legitimate users. - An ICMP Source Quench attack. This attack takes advantage of the specification that a host must react to receive ICMP Source Quench messages by slowing transmission on the associated connection. The Mitre ID CAN-2004-0791 is assigned to this issue. A remote attacker may exploit this issue to degrade the performance of TCP connections and partially deny service for legitimate users. - An attack against ICMP PMTUD is reported to affect multiple vendors when they are configured to employ PMTUD. By sending a suitable forged ICMP message to a target host, an attacker may reduce the MTU for a given connection. The Mitre ID CAN-2004-1060 is assigned to this issue. A remote attacker may exploit this issue to degrade the performance of TCP connections and partially deny service for legitimate users. **Update: Microsoft platforms are also reported prone to these issues. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
HP SECURITY BULLETIN
HPSBUX01164 REVISION: 4
SSRT4884 rev.4 - HP-UX TCP/IP Remote Denial of Service (DoS)
NOTICE: There are no restrictions for distribution of this Security Bulletin provided that it remains complete and intact.
The information in this Security Bulletin should be acted upon as soon as possible.
INITIAL RELEASE: 10 July 2005
POTENTIAL SECURITY IMPACT: Remote Denial of Service (DoS)
SOURCE: Hewlett-Packard Company HP Software Security Response Team
VULNERABILITY SUMMARY: A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS).
REFERENCES: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.00, B.11.04, B.11.11, B.11.22, B.11.23 running TCP/IP. HP-UX B.11.11 and B.11.23 running TOUR (Transport Optional Upgrade Release).
BACKGROUND:
AFFECTED VERSIONS
HP-UX B.11.22
HP-UX B.11.00
=============
Networking.NET2-KRN
action: set ip_pmtu_strategy= 0 and either install binary
files or filter ICMP
HP-UX B.11.11
=============
Networking.NET2-KRN
action: set ip_pmtu_strategy= 0 and install PHNE_33159
HP-UX B.11.23
=============
Networking.NET2-KRN
->action: set ip_pmtu_strategy= 0 and install PHNE_32606
HP-UX B.11.11
HP-UX B.11.23
=============
TOUR_PRODUCT.T-NET2-KRN
action: set ip_pmtu_strategy= 0 and filter ICMP
HP-UX B.11.04
=============
Networking.NET2-KRN
action: set ip_pmtu_strategy= 0 and filter ICMP
END AFFECTED VERSIONS
Note: The latest TOUR (Transport Optional Upgrade Release), version 2.4, is available on B.11.11 only. The latest Transport Functionality is available to B.11.23 customers in the HP-UX 11i v2 September 2004 release. Customers using TOUR on B.11.23 can apply the workaround (set ip_pmtu_strategy= 0 and filter ICMP) or upgrade to the HP-UX 11i v2 September 2004 release. After upgrading the action for B.11.23 Networking.NET2-KRN listed above should be implemented.
http://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html? lang=en
There are three issues reported in NISCC VU#532967:
CVE number: CAN-2004-0790 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0790 CVE number: CAN-2004-0791 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0791 CVE number: CAN-2004-1060 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1060
Workarounds are available for all three of these issues.
Until binary files are available for B.11.04 the workarounds should be used.
->Binary files are available for CAN-2004-0790 and CAN-2004-0791 for HP-UX B.11.00 and B.11.22.
Since PHNE_33159 is now available for B.11.11 the preliminary binary files for B.11.11 have been removed from the ftp site.
->Since PHNE_32606 is now available for B.11.23 the preliminary binary files for B.11.23 have been removed from the ftp site.
Note: If the TOUR (Transport Optional Upgrade Release) product is installed the binary files cannot be used.
Until the TOUR product is revised there are several options:
B.11.11 1. Use the workarounds. or 2. Remove TOUR and install the binary files.
B.11.23 1. Use the workarounds. or 2. Upgrade to the HP-UX 11i v2 September 2004 release and install the binary files.
TOUR(Transport Optional Upgrade Release) is available from http://www.hp.com/go/softwaredepot.
Workaround for CAN-2004-1060 may not be necessary.
Although changes in the binary files and patches for CAN-2004-0790 and CAN-2004-0791 do not prevent the exploit of CAN-2004-1060, they do make it less likely to succeed. The sequence number check suggested in section 5.1 of http://www.ietf.org/internet-drafts/ draft-gont-tcpm-icmp-attacks-03.txt has been implemented. Customers should consider whether this check reduces the risk of the exploit to the point that setting ip_pmtu_strategy=0 is not required.
If the workaround for CAN-2004-1060 is to be used, please note the following: ================================================= HPSBUX01137 recommends setting ip_pmtu_strategy = 0 or 3 as a workaround for the problem of CAN-2005-1192. CAN-2004-1060 has a different root cause and cannot be worked around with p_pmtu_strategy=3. To work around both CAN-2005-1192 and CAN-2004-1060 ip_pmtu_strategy=0 must be used.
Please refer to the Manual Actions section below for a summary of the required actions.
Workarounds:
CAN-2004-0790 and CAN-2004-0791
Filter out the following ICMP messages:
Type 3, Code 2 (Destination Unreachable, Protocol Unreachable)
Type 3, Code 3 (Destination Unreachable, Port Unreachable)
Type 4, Code 0 (Source Quench)
CAN-2004-1060
Set ip_pmtu_strategy=0.
Note: Filtering "Protocol Unreachable" and "Port Unreachable" should not be done without careful testing. Filtering these out may interfere with the correct functioning of network components. Filtering "Source Quench" should present little risk.
Setting ip_pmtu_strategy=0
Edit /etc/rc.config.d/nddconf to add the following:
TRANSPORT_NAME[n]=ip NDD_NAME[n]=ip_pmtu_strategy NDD_VALUE[n]=0
where 'n' is the next available index value as described in the nddconf comments.
This value will take effect when the system is rebooted. Until the system can be rebooted use the following command to read the /etc/rc.config.d/nddconf file and set the tunable parameters:
/usr/bin/ndd -c
The ip_pmtu_strategy parameter can be displayed by the following command:
/usr/bin/ndd -get /dev/ip ip_pmtu_strategy
Note: Since open connections will remain potentially vulnerable until they are closed and certain internal data structures are released it is recommended that the system be rebooted.
Note: There is a defect that will cause "ndd -c" to fail if there are more than 10 directives in /etc/rc.config.d/nddconf. That defect is fixed in the following patches:
B.11.11 - PHNE_25644 or subsequent
B.11.04 - PHNE_26076 or subsequent
B.11.00 - PHNE_26125 or subsequent
Preliminary binary files
->Preliminary binary files are available for B.11.00 and B.11.22. Patches are available for B.11.11 and B.11.23. The patches and the preliminary binary files address CAN-2004-0790 and CAN-2004-0791 only. Although changes in the patches and binary files for CAN-2004-0790 and CAN-2004-0791 do not prevent the exploit of CAN-2004-1060, they do make it less likely to succeed.
Instructions for downloading and installing the binary files are contained in readme files available here:
System: hprc.external.hp.com (192.170.19.51)
Login: icmp
Password: icmp
FTP Access:
ftp://icmp:icmp@hprc.external.hp.com/
or: ftp://icmp:icmp@192.170.19.51/
Note: The links above may not work for all browsers. If the
link fails the url should be entered directly into the
browser's address field.
Since a patch is available for B.11.11 the readme.11.11.txt and corresponding binary files have been removed from the ftp site.
->Since a patch is available for B.11.23 the readme.11.23.txt and corresponding binary files have been removed from the ftp site.
Download the appropriate readme file containing further instructions:
readme.11.00.txt readme.11.22.txt
Verify the cksum or md5sum:
->Note: The readme files have not changed since rev.1 of this Security Bulletin.
cksum readme* 2844254744 2546 readme.11.00.txt 2836317466 2469 readme.11.22.txt
md5sum readme* d28504f8532192de6a4f33bba4ea90ec readme.11.00.txt cafbb24f3dc7131501142f75deaeccbd readme.11.22.txt
Download and install the binary files as discussed in the readme files. The binary files are available in the same directory as the readme files.
For B.11.11 download and install PHNE_33159. The patch is available from < http://itrc.hp.com>.
->For B.11.23 download and install PHNE_32606. The patch is available from < http://itrc.hp.com>.
MANUAL ACTIONS: Yes - NonUpdate 1. Set ip_pmtu_strategy=0
-
EITHER a. Filter out the following ICMP messages:
Type 3, Code 2 (Destination Unreachable, Protocol Unreachable) Type 3, Code 3 (Destination Unreachable, Port Unreachable) Type 4, Code 0 (Source Quench)
OR
b. Install the appropriate binary file or patch (binary file
not available for B.11.04).
BULLETIN REVISION HISTORY: Revision 0: 25 May 2005 Initial release
Revision 1: 1 June 2005 Binary files for B.11.00 and B.11.22 are available. Added information about CAN-2004-1060. The "set ip_pmtu_strategy=0" workaround is required even if binary files are installed. Removed IPSec information.
Revision 2: 19 June 2005 TOUR (Transport Optional Upgrade Release) on B.11.11 and B.11.23 is potentially vulnerable. Added a description of the sequence number check implemented in the binary files.
Revision 3: 27 June 2005 PHNE_33159 is available for B.11.11. The B.11.11 binary files have been removed from the ftp site.
Revision 4: 10 July 2005 PHNE_32606 is available for B.11.23. The B.11.23 binary files have been removed from the ftp site.
HP-UX SPECIFIC SECURITY BULLETINS*: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system.
For more information: http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/ displayProductInfo.pl?productNumber=B6834AA
SUPPORT: For further information, contact normal HP Services support channel.
REPORT: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com. It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To obtain the security-alert PGP key please send an e-mail message to security-alert@hp.com with the Subject of 'get key' (no quotes).
SUBSCRIBE: To initiate a subscription to receive future HP Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA& langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
On the web page: ITRC security bulletins and patch sign-up Under Step1: your IRTC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your IRTC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php
Log in on the web page Subscriber's choice for Business: sign-in. On the Web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number: GN = HP General SW, MA = HP Management Agents, MI = Misc. 3rd party SW, MP = HP MPE/iX, NS = HP NonStop Servers, OV = HP OpenVMS, PI = HP Printing & Imaging, ST = HP Storage SW, TL = HP Trusted Linux, TU = HP Tru64 UNIX, UX = HP-UX, VV = HP Virtual Vault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
(c)Copyright 2005 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP nor its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBQtJVE+AfOvwtKn1ZEQKwPwCeLKNxE1048xGZniru4epJ6YAqYIcAn2+Y fjKXZ3hbnTeQeIn9Kk9ePC1d =cFE+ -----END PGP SIGNATURE-----
. HP Tru64 UNIX 5.1B-3 HP Tru64 UNIX 5.1B-2/PK4 HP Tru64 UNIX 5.1A PK HP Tru64 UNIX 4.0G PK4 HP Tru64 UNIX 4.0F PK8
BACKGROUND:
Special Instructions for the Customer
The Internet Control Message Protocol (ICMP) (RFC 792) is used in the Internet Architecture to perform fault-isolation and recovery (RFC816), which is the group of actions that hosts and routers take to determine if a network failure has occurred.
The industry standard TCP specification (RFC 793) has a vulnerability whereby ICMP packets can be used to perform a variety of attacks such as blind connection reset attacks and blind throughput-reduction attacks.
Path MTU Discovery (RFC 1191) describes a technique for dynamically discovering the MTU (maximum transmission unit) of an arbitrary internet path. This protocol uses ICMP packets from the router to discover the MTU for a TCP connection path.
HP has addressed these potential vulnerabilities by providing a new kernel tunable in Tru64 UNIX V5.1B and 5.1A, icmp_tcpseqcheck. In Tru64 4.0F and 4.0G, HP has introduced two new kernel tunables, icmp_tcpseqcheck and icmp_rejectcodemask. This behavior protects TCP against spoofed ICMP packets.
Set the tunable as follows:
icmp_tcpseqcheck=1 (default)
Provides a level of protection that reduces the possibility
of considering a spoofed ICMP packet as valid
to one in two raised to the thirty-second power.
icmp_tcpseqcheck=0
Retains existing behavior, i.e., accepts all ICMP packets
icmp_rejectcodemask
In the Requirements for IP Version 4 Routers (RFC 1812), research suggests that the use of ICMP Source Quench packets is an ineffective (and unfair) antidote for congestion. Thus, HP recommends completely ignoring ICMP Source Quench packets using the icmp_rejectcodemask tunable. The icmp_rejectcodemask is a bitmask that designates the ICMP codes that the system should reject. For example, to reject ICMP Source Quench packets, set the mask bit position for the ICMP_SOURCEQUENCH code 4, which is two to the 4th power = 16 (0x10 hex). The icmp_rejectcodemask tunable can be used to reject any ICMP packet type, or multiple masks can be combined to reject more than one type.
Note: the ICMP type codes are defined in "/usr/include/netinet/ip_icmp.h".
Set the tunable as follows:
icmp_rejectcodemask = 0x10
Rejects ICMP Source Quench packets
icmp_rejectcodemask = 0 (default)
Retains existing behavior, i.e., accepts all ICMP packets
Adjusting the variables
The ICMP sequence check variable (icmp_tcpseqcheck) can be adjusted using the sysconfig and sysconfigdb commands:
sysconfig -q inet icmp_tcpseqcheck
inet: icmp_tcpseqcheck = 1
sysconfig -r inet icmp_tcpseqcheck=0
icmp_tcpseqcheck: reconfigured
sysconfig -q inet icmp_tcpseqcheck
inet: icmp_tcpseqcheck = 0
sysconfig -q inet icmp_tcpseqcheck > /tmp/icmp_tcpseqcheck_merge
sysconfigdb -m -f /tmp/icmp_tcpseqcheck_merge inet
sysconfigdb -l inet
inet: icmp_tcpseqcheck = 1
Similarly, the icmp_rejectcodemask variable can be adjusted using the sysconfig and sysconfigdb commands:
sysconfig -q inet icmp_rejectcodemask
inet: icmp_rejectcodemask = 0
sysconfig -r inet icmp_rejectcodemask=0x10
icmp_rejectcodemask: reconfigured
sysconfig -q inet icmp_rejectcodemask
inet: icmp_rejectcodemask = 16
sysconfig -q inet icmp_rejectcodemask
/tmp/icmp_rejectcodemask_merge
sysconfigdb -m -f /tmp/icmp_rejectcodemask_merge inet
sysconfigdb -l inet
inet: icmp_rejectcodemask = 16
RESOLUTION:
Until the corrections are available in a mainstream release patch kit, HP is releasing the following Early Release Patch (ERP) kits publicly for use by any customer.
The ERP kits use dupatch to install and will not install over any installed Customer Specific Patches (CSPs) that have file intersections with the ERPs. Contact your service provider for assistance if the ERP installation is blocked by any of your installed CSPs.
The fixes contained in the ERP kits are scheduled to be available in the following mainstream patch kits:
HP Tru64 Unix 5.1B-4
Early Release Patches
The ERPs deliver the following file:
/sys/BINARY/inet.mod
HP Tru64 UNIX 5.1B-3 ERP Kit Name: T64KIT0025925-V51BB26-ES-20050628 Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do? patchid=T64KIT0025925-V51BB26-ES-20050628 MD5 checksum: 129251787a426320af16cd584b982027
HP Tru64 UNIX 5.1B-2/PK4 ERP Kit Name: T64KIT0025924-V51BB25-ES-20050628 Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do? patchid=T64KIT0025924-V51BB25-ES-20050628 MD5 checksum: 5fcc77a6876db6d10ef07ac96e11b3af
HP Tru64 UNIX 5.1A PK6 ERP Kit Name: T64KIT0025922-V51AB24-ES-20050628 Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do? patchid=T64KIT0025922-V51AB24-ES-20050628 MD5 checksum: 7c373b35c95945651a1cfda96bf71421
HP Tru64 UNIX 4.0G PK4 ERP Kit Name: T64KIT0025920-V40GB22-ES-20050628 Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do? patchid=T64KIT0025920-V40GB22-ES-20050628 MD5 checksum: 13849fd555239d75d300d1cb46dc995f
HP Tru64 UNIX 4.0F PK8 ERP Kit Name: DUXKIT0025921-V40FB22-ES-20050628 Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do? patchid=T64KIT0025920-V40GB22-ES-20050628 MD5 checksum: 743b614d39f185802701b7f2dd14ffa5
MD5 checksums are available from the ITRC patch database main page: http://www.itrc.hp.com/service/patch/mainPage.do - From the patch database main page, click Tru64 UNIX, then click verifying MD5 checksums under useful links. The RFC recommends no security checking for in-bound ICMP messages, so long as a related connection exists, and may potentially allow several different Denials of Service.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2004-0790 to this issue.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2004-0791 to this issue.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2004-1060 to this issue. Vulnerable Supported Versions
System Binaries
----------------------------------------------------------------------
OpenServer 5.0.6 ip and tcp drivers
OpenServer 5.0.7 ip and tcp drivers
-
Solution
The proper solution is to install the latest packages. OpenServer 5.0.6
4.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.4
4.2 Verification
MD5 (VOL.000.000) = 03ed8e901780e1535c113efeba72d8cd
md5 is available for download from ftp://ftp.sco.com/pub/security/tools
4.3 Installing Fixed Binaries
The following packages should be installed on your system before you install this fix:
RS506A OSS646 ERG711746: ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt ERG712606: ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txtUpgrade the affected binaries with the following sequence:
1) Download the VOL* files to a directory.
2) Run the custom command, specify an install from media images, and specify the directory as the location of the images. OpenServer 5.0.7
5.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.4
5.2 Verification
MD5 (VOL.000.000) = 03ed8e901780e1535c113efeba72d8cd
md5 is available for download from ftp://ftp.sco.com/pub/security/tools
5.3 Installing Fixed Binaries
The following package should be installed on your system before you install this fix:
OSR507MP4 - OpenServer 5, Release 5.0.7 Maintenance Pack 4Upgrade the affected binaries with the following sequence:
1) Download the VOL* files to a directory.
2) Run the custom command, specify an install from media images, and specify the directory as the location of the images. References
Specific references for this advisory: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0790 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0791 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1060
SCO security resources: http://www.sco.com/support/security/index.html
SCO security advisories via email http://www.sco.com/support/forums/security.html
This security fix closes SCO incidents sr892503 fz530662 erg712759. Disclaimer
SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products. Acknowledgments
The SCO Group would like to thank Fernando Gont for reporting these issues. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
Want to work within IT-Security?
Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit.
Currently the following type of positions are available: http://secunia.com/hardcore_disassembler_and_reverse_engineer/
TITLE: Microsoft Windows Multiple IPv6 Denial of Service Vulnerabilities
SECUNIA ADVISORY ID: SA22341
VERIFY ADVISORY: http://secunia.com/advisories/22341/
CRITICAL: Less critical
IMPACT: DoS
WHERE:
From remote
OPERATING SYSTEM: Microsoft Windows XP Professional http://secunia.com/product/22/ Microsoft Windows XP Home Edition http://secunia.com/product/16/ Microsoft Windows Server 2003 Web Edition http://secunia.com/product/1176/ Microsoft Windows Server 2003 Standard Edition http://secunia.com/product/1173/ Microsoft Windows Server 2003 Enterprise Edition http://secunia.com/product/1174/ Microsoft Windows Server 2003 Datacenter Edition http://secunia.com/product/1175/
DESCRIPTION: Three vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service).
1) A vulnerability exists in the IPv6 Windows implementation of ICMP which, if successfully exploited, results in the system dropping an existing connection.
3) A vulnerability exists in the IPv6 implementation of TCP/IP which, if successfully exploited, could cause the system to stop responding.
Successful exploitation of the vulnerabilities requires IPv6 to be configured (not enabled by default).
Microsoft Windows XP SP1/SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=9fd73d12-ff7c-411d-944d-a6f147b20775
Microsoft Windows XP Professional x64 Edition: http://www.microsoft.com/downloads/details.aspx?FamilyId=fc98f55c-520e-4a68-a3c3-0df51c6122bb
Microsoft Windows Server 2003 (with or without SP1): http://www.microsoft.com/downloads/details.aspx?FamilyId=102591a0-2b58-497b-bc20-593571b96e9c
Microsoft Windows Server 2003 (Itanium, with or without SP1): http://www.microsoft.com/downloads/details.aspx?FamilyId=12515d47-134d-4d1f-9ae7-f0a7167ec424
Microsoft Windows Server 2003 x64 Edition: http://www.microsoft.com/downloads/details.aspx?FamilyId=c5faba34-48f5-4875-a0fa-6b8207f9b276
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: MS06-064 (KB922819): http://www.microsoft.com/technet/security/Bulletin/MS06-064.mspx
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) on an active TCP session
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200504-0002",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "solaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "10.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "9.0"
},
{
"model": "ios xr",
"scope": null,
"trust": 1.1,
"vendor": "cisco",
"version": null
},
{
"model": "nexland isb soho firewall appliance",
"scope": null,
"trust": 1.1,
"vendor": "symantec",
"version": null
},
{
"model": "windows 98se",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.7"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "windows 98",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.8"
},
{
"model": "windows 2000",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "windows me",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "7.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "redback",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "switchblade 5400s series",
"scope": null,
"trust": 0.8,
"vendor": "allied telesis",
"version": null
},
{
"model": "switchblade 7800s series",
"scope": null,
"trust": 0.8,
"vendor": "allied telesis",
"version": null
},
{
"model": "switchblade4000",
"scope": null,
"trust": 0.8,
"vendor": "allied telesis",
"version": null
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "centrecom 8624xl series"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "centrecom 8724sl series"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "centrecom 8724xl series"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "centrecom 9606 series"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "centrecom 9800 series"
},
{
"model": "router",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar130"
},
{
"model": "router",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar160"
},
{
"model": "router",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar300v2"
},
{
"model": "router",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar300lv2"
},
{
"model": "router",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar320"
},
{
"model": "router",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar450s"
},
{
"model": "router",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar410v2"
},
{
"model": "router",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar720"
},
{
"model": "router",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar740"
},
{
"model": "ax5400s series",
"scope": null,
"trust": 0.8,
"vendor": "alaxala",
"version": null
},
{
"model": "ax7800r series",
"scope": null,
"trust": 0.8,
"vendor": "alaxala",
"version": null
},
{
"model": "ax7800s series",
"scope": null,
"trust": 0.8,
"vendor": "alaxala",
"version": null
},
{
"model": "seil/neu",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "atm firmware version 1.10 (pogo) ~ 1.39 (smith grind)"
},
{
"model": "seil/neu",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "ver. 1.x firmware version 1.52 (inkknot) ~ 1.93 (harness)"
},
{
"model": "seil/neu",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "ver. 2.x firmware version 2.00 (belay) ~ 2.27 (ridge)"
},
{
"model": "seil/plus",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "firmware version 1.00 (snappy) ~ 1.51 (swisssingle)"
},
{
"model": "seil/turbo",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "firmware version 1.00 (union) ~ 1.51 (riodell)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "call manager",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 6500 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "catalyst 6608 voice gateway"
},
{
"model": "conference connection",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "crs-1",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "emergency responder",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "internet service node",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ip contact center express",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ip interactive voice response",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone 7900 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7940/7960 sccp firmware"
},
{
"model": "ip phone 7900 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7940/7960 sip firmware"
},
{
"model": "ip phone 7900 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7970 sccp firmware"
},
{
"model": "ip queue manager",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "mgx 8250 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "mgx 8850 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "personal assistant",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ws-x6608-e1",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ws-x6608-t1",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ws-x6624-fxs",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "nexland pro series firewall appliance",
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "firewall/vpn appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "100/200/200r"
},
{
"model": "gateway security 300 series",
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "gateway security 400 series",
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "gateway security 5300 series",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "v1.0"
},
{
"model": "gateway security 5400 series",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "v2.x"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.04"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "windows 2000",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "98"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "98 scd"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "me"
},
{
"model": "windows server 2003",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2003",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(itanium)"
},
{
"model": "windows server 2003",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(x64)"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(x64)"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "sp3"
},
{
"model": "gr2000",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "gr4000",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "gs3000",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "gs4000",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ip telephony pstn gateway",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "ip telephony telephone",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "ip-pbx ip mediaserve",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "ip-pbx ip pathfinder series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "pbx e-200 series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "pbx e-3000 series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "pbx es200 series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "pbx es3000 series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "voip gateway ew30ip",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "voip gateway geostreamsi-v series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "voip router lr-v series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "switch sb series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "switch sh series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "switch si-r series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "switch sr-s series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "switch sr series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "router geostream si-r series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "router netvehicle series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "ios 12.0 w5",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "8.0"
},
{
"model": "windows xp home sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios 12.3 t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tru64 b-2 pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "firebox",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "v100"
},
{
"model": "soho firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "5.0.31"
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.2"
},
{
"model": "ios 12.2yg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "hp-ux b.11.22",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ios 12.2yx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.5"
},
{
"model": "coat systems sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "4.1.1"
},
{
"model": "ios 12.2sz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.2"
},
{
"model": "windows server enterprise edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "ios 12.3yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "ios 12.2zh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "x64"
},
{
"model": "ios 12.2yr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "firebox ii",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "4.1"
},
{
"model": "ios 12.3xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "serverlock",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "2.0"
},
{
"model": "networks umts",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.3"
},
{
"model": "ios 12.1xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks application switch",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ios 12.0xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "serverlock",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "2.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12001.5"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.5"
},
{
"model": "ios 12.1da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "soho",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "2.2"
},
{
"model": "soho firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "5.0.29"
},
{
"model": "ios 12.3 yf2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 s8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server enterprise edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios 12.1xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks multiprotocol router family asn",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "soho firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "2.2.1"
},
{
"model": "hp-ux b.11.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ios 12.2zl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "coat systems sgos",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "3.2.5"
},
{
"model": "m-series router m40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "serverlock",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "2.0.4"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "networks multiprotocol router family anh",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "networks baystack switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "420/425/325"
},
{
"model": "ios 12.3xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "firebox",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "25004.5"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "windows server web edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios 12.2zk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "csm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.6"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "360"
},
{
"model": "ios 12.3ja",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.0"
},
{
"model": "windows server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.0wc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tru64 f pk8",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.0"
},
{
"model": "serverlock",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "2.0.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.3(110)"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "460"
},
{
"model": "gateway security 360r build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2.1300"
},
{
"model": "ios 12.2 da8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "firebox",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "45004.6"
},
{
"model": "networks preside mdm",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios 12.0xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tour",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "ios 12.1xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks multiprotocol router family pp2430",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ios 12.2cx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.4"
},
{
"model": "ios 12.1xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "ios 12.2by",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows advanced server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "53001.0"
},
{
"model": "ios 12.2b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp gold",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.4"
},
{
"model": "firebox",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "25004.6"
},
{
"model": "ios 12.2xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows datacenter server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "windriver",
"version": "4.3.1"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.9"
},
{
"model": "soho firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "5.0.35"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "m-series router m40e",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ios 12.3 yg1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "gateway security 360r build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2.1415"
},
{
"model": "windows professional",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "css11000 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks ethernet routing switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "8600"
},
{
"model": "ip phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7902"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.1"
},
{
"model": "ios 12.0xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(4)"
},
{
"model": "nexland pro800 firewall appliance",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "networks passport",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "7000"
},
{
"model": "networks baystack switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5510/5520"
},
{
"model": "ios 12.1ec",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "networks wlan access point",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "7220.0"
},
{
"model": "ios 12.1xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "firebox",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "v10"
},
{
"model": "ios 12.1xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ze",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2cy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp home sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios 12.0da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks shasta router",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ios 12.2sxa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp 64-bit edition version sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios 12.2ey",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios 12.2 s13",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "6.0"
},
{
"model": "ios 12.2dd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nexland pro800turbo firewall appliance",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "windows xp 64-bit edition version",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios 12.0st",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.5"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.6"
},
{
"model": "ios 12.2sxb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "ios 12.2xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0w5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "coat systems sgos",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "4.1.2"
},
{
"model": "networks gsm",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ios 12.1xp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fireboxii",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "4.0"
},
{
"model": "ios 12.2xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows advanced server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "nexland pro100 firewall appliance",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "firewall/vpn appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "200"
},
{
"model": "windows xp tablet pc edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios 12.2yy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11001.5"
},
{
"model": "ios 12.2xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fireboxii",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "4.5"
},
{
"model": "ios 12.3xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks optera",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "ios 12.1yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fireboxii",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "4.2"
},
{
"model": "soho firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "1.6"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6608"
},
{
"model": "ios 12.2 seb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "firewall/vpn appliance 200r",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "windows server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.2s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2so",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "firebox ii",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "4.5"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.10"
},
{
"model": "windows server standard edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows xp media center edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "ios 12.2yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "ios 12.2 t15",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.2"
},
{
"model": "serverlock",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "2.0.1"
},
{
"model": "fireboxii",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "4.4"
},
{
"model": "firebox",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "v80"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.3"
},
{
"model": "ios 12.2 s3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "firebox .b1140",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "6.0"
},
{
"model": "fireboxii",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1xv"
},
{
"model": "ios 12.1ev",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2jk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "soho firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "5.0.28"
},
{
"model": "windows datacenter server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.0xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(3)"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(13)"
},
{
"model": "ios 12.2xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows advanced server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3"
},
{
"model": "ios 12.2bc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks optivity network management system",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(1)"
},
{
"model": "ios 12.0xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "13001.5"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.3"
},
{
"model": "ios 12.1xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "firebox",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "v60"
},
{
"model": "soho firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "2.1.3"
},
{
"model": "windows professional sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "netcache c630",
"scope": "eq",
"trust": 0.3,
"vendor": "netappliance",
"version": "3.3.1"
},
{
"model": "ios 12.1yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise firewall solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.5"
},
{
"model": "ios 12.1ea",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.0"
},
{
"model": "networks ax7800r",
"scope": null,
"trust": 0.3,
"vendor": "alaxala",
"version": null
},
{
"model": "firebox",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "45004.5"
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.8"
},
{
"model": "ios 12.3xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server web edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows professional sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "tru64 a pk",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.1"
},
{
"model": "networks bayrs",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.3yq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "coat systems sgme",
"scope": null,
"trust": 0.3,
"vendor": "blue",
"version": null
},
{
"model": "ios 12.2 ew3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.2"
},
{
"model": "coat systems spyware interceptor",
"scope": null,
"trust": 0.3,
"vendor": "blue",
"version": null
},
{
"model": "ios 12.2yk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2dx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3(3.33)"
},
{
"model": "ios 12.3xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0sp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nexland pro400 firewall appliance",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "ios 12.2 eu",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.1"
},
{
"model": "ios 12.1ex",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.6"
},
{
"model": "ios 12.3xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx pxm1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8850-1.2.11"
},
{
"model": "ios 12.0xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7920"
},
{
"model": "ios 12.2xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(1)"
},
{
"model": "ios 12.2ye",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.10"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.5"
},
{
"model": "ios 12.3xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6608"
},
{
"model": "networks multiprotocol router family bcn",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(2)"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.7"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(28)"
},
{
"model": "ios 12.2yv",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "windriver",
"version": "4.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0"
},
{
"model": "m-series router m160",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7970"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(3.109)"
},
{
"model": "enterprise firewall nt/2000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "windows xp tablet pc edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server enterprise edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios 12.2eu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "coat systems sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.2.4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "fireboxii",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "4.3"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.7"
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "ios 12.1eb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4200"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.12"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "54002.0.1"
},
{
"model": "networks ax7800s",
"scope": null,
"trust": 0.3,
"vendor": "alaxala",
"version": null
},
{
"model": "ios 12.3bw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xi3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "ios 12.3yg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ewa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2za",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks univity bssm",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ios 12.2 ya9",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 bc2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ja",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "networks passport",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "15000"
},
{
"model": "ios 12.2zc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "54002.0"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6624"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "networks vpn router",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.2"
},
{
"model": "windows xp tablet pc edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios 12.1e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(2)"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.4"
},
{
"model": "ios 12.0xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1az",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(3.100)"
},
{
"model": "ios 12.2da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks multiprotocol router family arn",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ios 12.2xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.3"
},
{
"model": "windows datacenter server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "firewall/vpn appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "100"
},
{
"model": "windows datacenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.1dc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp professional sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios 12.0sl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "t-series router t640",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ios 12.2 ey",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.1"
},
{
"model": "networks passport",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "6000"
},
{
"model": "ios 12.2xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "ios 12.1eu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "networks baystack bps2000/460/470 switch",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ios 12.2zn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ewa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.3(133)"
},
{
"model": "ios 12.1yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.11"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3"
},
{
"model": "ios 12.2sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0sz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7960"
},
{
"model": "ios 12.3xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks multiprotocol router family bln",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ios 12.0sc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.12"
},
{
"model": "networks baystack 380-24t switch",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ios 12.1ey",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2su",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2"
},
{
"model": "ios 12.3 xy4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows datacenter server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.2ew",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(3.102)"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.3"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90002.0(0.86)"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "ios 12.3 yq",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.2.111"
},
{
"model": "ios 12.3 yk1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2se",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks ethernet routing switch passport",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "8300"
},
{
"model": "networks aos",
"scope": null,
"trust": 0.3,
"vendor": "redback",
"version": null
},
{
"model": "ios 12.1eo",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows professional sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.3xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.11"
},
{
"model": "networks alteon switched firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5100"
},
{
"model": "enterprise firewall solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "320"
},
{
"model": "ios 12.1xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ip phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7905"
},
{
"model": "fireboxii",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "4.6"
},
{
"model": "tour",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.6"
},
{
"model": "ios 12.2xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sxd4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "m-series router m10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "windriver",
"version": "5.0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.4"
},
{
"model": "networks multiprotocol router family an",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.7"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7940"
},
{
"model": "ios 12.2yo",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.4"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "440"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15305"
},
{
"model": "ios 12.2zj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ex",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "firebox",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "5.0"
},
{
"model": "windows xp media center edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios 12.2yl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ew",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 ja",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise firewall solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(5)"
},
{
"model": "ios 12.1ax",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server datacenter edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "ios 12.2yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sv",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(1)"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(27)"
},
{
"model": "coat systems sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.1.11"
},
{
"model": "coat systems cacheos",
"scope": null,
"trust": 0.3,
"vendor": "blue",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.3"
},
{
"model": "ios 12.2 bc2f",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ye",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.11"
},
{
"model": "ios 12.3 yi",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.2"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.3"
},
{
"model": "ios 12.3xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks ax5400s",
"scope": null,
"trust": 0.3,
"vendor": "alaxala",
"version": null
},
{
"model": "ios 12.3 t4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ym",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "gateway security 460r",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "networks multiprotocol router family pp5430",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "t-series router t320",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ios 12.0t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "ios 12.2xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise firewall nt/2000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "networks passport",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "20000"
},
{
"model": "gateway security 360r",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(6)"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.2"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios 12.2cz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sxd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8850"
},
{
"model": "ios 12.2xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10"
},
{
"model": "ios 12.2yq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yn",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tru64 g pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.0"
},
{
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "m-series router m20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ios 12.0xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp media center edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows professional sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.2 sxb7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3bc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "ios 12.2 s7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "m-series router m5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ios 12.3ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.9"
},
{
"model": "windows xp professional sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "enterprise firewall nt/2000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3xx"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0xv"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "ios 12.2xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.0"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "53101.0"
},
{
"model": "ios 12.2zb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.1"
},
{
"model": "windows server datacenter edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.1"
},
{
"model": "ios 12.3 t7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15302"
},
{
"model": "ios 12.0dc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks passport",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1100/1150/1200/1250"
},
{
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.2yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks wlan access point",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "7250.0"
},
{
"model": "mgx pxm1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8850-1.2.10"
},
{
"model": "windows server datacenter edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(12)"
},
{
"model": "networks multiservice access switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "4400"
},
{
"model": "ios 12.0sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#415294"
},
{
"db": "BID",
"id": "13124"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000258"
},
{
"db": "NVD",
"id": "CVE-2004-0790"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-022"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0790"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fernando Gont",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200504-022"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0790",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2004-0790",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0790",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#415294",
"trust": 0.8,
"value": "12.90"
},
{
"author": "CNNVD",
"id": "CNNVD-200504-022",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#415294"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000258"
},
{
"db": "NVD",
"id": "CVE-2004-0790"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-022"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the \"blind connection-reset attack.\" NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. A vulnerability exists in the reliance of the Border Gateway Protocol (BGP) on the Transmission Control Protocol (TCP) to maintain persistent sessions. Sustained exploitation of this vulnerability could lead to a denial-of-service condition affecting a large segment of the Internet community. Normal operations would most likely resume shortly after the attack stopped. In multiple vendor products TCP The implementation of ICMP Included in error message IP Address and TCP There is a flaw that only validates the port and does not check that the sequence number is in the proper range. This is illegal ICMP hard error By processing the message, TCP A vulnerability exists in which connections are reset. The vulnerability is ICMP Vulnerabilities resulting from message processing (CVE-2004-0790, CVE-2004-0791, CVE-2004-1060) Out of CVE-2004-0790 Vulnerability published as. TCP Due to vulnerabilities that affect implementation, a wide range of products are affected by these vulnerabilities. For more information, NISCC-532967 (JVN) , NISCC Advisory 532967/NISCC/ICMP (CPNI Advisory 00303) Please check also.Fraudulent ICMP By processing error messages TCP Connection is reset, resulting in service disruption (DoS) It can cause a condition. Multiple vendor implementations of TCP/IP Internet Control Message Protocol (ICMP) are reported prone to several denial-of-service attacks. \nICMP is employed by network nodes to determine certain automatic actions to take based on network failures reported by an ICMP message. \nReportedly, the RFC doesn\u0027t recommend security checks for ICMP error messages. As long as an ICMP message contains a valid source and destination IP address and port pair, it will be accepted for an associated connection. \nThe following individual attacks are reported:\n- A blind connection-reset attack. This attack takes advantage of the specification that describes that on receiving a \u0027hard\u0027 ICMP error, the corresponding connection should be aborted. The Mitre ID CAN-2004-0790 is assigned to this issue. \nA remote attacker may exploit this issue to terminate target TCP connections and deny service for legitimate users. \n- An ICMP Source Quench attack. This attack takes advantage of the specification that a host must react to receive ICMP Source Quench messages by slowing transmission on the associated connection. The Mitre ID CAN-2004-0791 is assigned to this issue. \nA remote attacker may exploit this issue to degrade the performance of TCP connections and partially deny service for legitimate users. \n- An attack against ICMP PMTUD is reported to affect multiple vendors when they are configured to employ PMTUD. By sending a suitable forged ICMP message to a target host, an attacker may reduce the MTU for a given connection. The Mitre ID CAN-2004-1060 is assigned to this issue. \nA remote attacker may exploit this issue to degrade the performance of TCP connections and partially deny service for legitimate users. \n**Update: Microsoft platforms are also reported prone to these issues. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nHP SECURITY BULLETIN\n\nHPSBUX01164 REVISION: 4\n\nSSRT4884 rev.4 - HP-UX TCP/IP Remote Denial of Service (DoS)\n\nNOTICE:\nThere are no restrictions for distribution of this Security\nBulletin provided that it remains complete and intact. \n\nThe information in this Security Bulletin should be acted upon\n as soon as possible. \n\nINITIAL RELEASE:\n10 July 2005\n\nPOTENTIAL SECURITY IMPACT:\nRemote Denial of Service (DoS)\n\nSOURCE:\nHewlett-Packard Company\nHP Software Security Response Team\n\nVULNERABILITY SUMMARY:\nA potential security vulnerability has been identified with HP-UX\nrunning TCP/IP. This vulnerability could be remotely exploited by\nan unauthorized user to cause a Denial of Service(DoS). \n\nREFERENCES:\nNISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.00, B.11.04, B.11.11, B.11.22, B.11.23 running TCP/IP. \nHP-UX B.11.11 and B.11.23 running TOUR (Transport Optional Upgrade\nRelease). \n\nBACKGROUND:\n\n AFFECTED VERSIONS\n\n HP-UX B.11.22\n HP-UX B.11.00\n =============\n Networking.NET2-KRN\n action: set ip_pmtu_strategy= 0 and either install binary\n files or filter ICMP\n\n HP-UX B.11.11\n =============\n Networking.NET2-KRN\n action: set ip_pmtu_strategy= 0 and install PHNE_33159\n\n HP-UX B.11.23\n =============\n Networking.NET2-KRN\n -\u003eaction: set ip_pmtu_strategy= 0 and install PHNE_32606\n\n HP-UX B.11.11\n HP-UX B.11.23\n =============\n TOUR_PRODUCT.T-NET2-KRN\n action: set ip_pmtu_strategy= 0 and filter ICMP\n\n\n HP-UX B.11.04\n =============\n Networking.NET2-KRN\n action: set ip_pmtu_strategy= 0 and filter ICMP\n\n END AFFECTED VERSIONS\n\n\n Note: The latest TOUR (Transport Optional Upgrade Release),\n version 2.4, is available on B.11.11 only. The latest\n Transport Functionality is available to B.11.23 customers\n in the HP-UX 11i v2 September 2004 release. Customers\n using TOUR on B.11.23 can apply the workaround (set\n ip_pmtu_strategy= 0 and filter ICMP) or upgrade to the\n HP-UX 11i v2 September 2004 release. After upgrading the\n action for B.11.23 Networking.NET2-KRN listed above should\n be implemented. \n\n\u003chttp://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html?\nlang=en\u003e\n\nThere are three issues reported in NISCC VU#532967:\n\n CVE number: CAN-2004-0790\n \u003chttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0790\u003e\n CVE number: CAN-2004-0791\n \u003chttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0791\u003e\n CVE number: CAN-2004-1060\n \u003chttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1060\u003e\n\nWorkarounds are available for all three of these issues. \n\nUntil binary files are available for B.11.04 the workarounds\nshould be used. \n\n\n -\u003eBinary files are available for CAN-2004-0790 and CAN-2004-0791\nfor HP-UX B.11.00 and B.11.22. \n\nSince PHNE_33159 is now available for B.11.11 the preliminary\nbinary files for B.11.11 have been removed from the ftp site. \n\n -\u003eSince PHNE_32606 is now available for B.11.23 the preliminary\nbinary files for B.11.23 have been removed from the ftp site. \n\n\nNote: If the TOUR (Transport Optional Upgrade Release) product is\n installed the binary files cannot be used. \n\nUntil the TOUR product is revised there are several options:\n\n B.11.11\n 1. Use the workarounds. \n or\n 2. Remove TOUR and install the binary files. \n\n B.11.23\n 1. Use the workarounds. \n or\n 2. Upgrade to the HP-UX 11i v2 September 2004 release\n and install the binary files. \n\nTOUR(Transport Optional Upgrade Release) is available from\n\u003chttp://www.hp.com/go/softwaredepot\u003e. \n\n\nWorkaround for CAN-2004-1060 may not be necessary. \n===================================\nAlthough changes in the binary files and patches for CAN-2004-0790\nand CAN-2004-0791 do not prevent the exploit of CAN-2004-1060,\nthey do make it less likely to succeed. The sequence number check\nsuggested in section 5.1 of \u003chttp://www.ietf.org/internet-drafts/\ndraft-gont-tcpm-icmp-attacks-03.txt\u003e has been implemented. \nCustomers should consider whether this check reduces the risk of\nthe exploit to the point that setting ip_pmtu_strategy=0 is not\nrequired. \n\nIf the workaround for CAN-2004-1060 is to be used, please note\nthe following:\n=================================================\nHPSBUX01137 recommends setting ip_pmtu_strategy = 0 or 3 as a\nworkaround for the problem of CAN-2005-1192. CAN-2004-1060 has a\ndifferent root cause and cannot be worked around with\np_pmtu_strategy=3. To work around both CAN-2005-1192 and\nCAN-2004-1060 ip_pmtu_strategy=0 must be used. \n\nPlease refer to the Manual Actions section below for a summary of\nthe required actions. \n\nWorkarounds:\n\n CAN-2004-0790 and CAN-2004-0791\n\n Filter out the following ICMP messages:\n\n Type 3, Code 2 (Destination Unreachable, Protocol Unreachable)\n Type 3, Code 3 (Destination Unreachable, Port Unreachable)\n Type 4, Code 0 (Source Quench)\n\n CAN-2004-1060\n\n Set ip_pmtu_strategy=0. \n\nNote: Filtering \"Protocol Unreachable\" and \"Port Unreachable\"\n should not be done without careful testing. Filtering these\n out may interfere with the correct functioning of network\n components. \n Filtering \"Source Quench\" should present little risk. \n\n\nSetting ip_pmtu_strategy=0\n==================\nEdit /etc/rc.config.d/nddconf to add the following:\n\nTRANSPORT_NAME[n]=ip\nNDD_NAME[n]=ip_pmtu_strategy\nNDD_VALUE[n]=0\n\nwhere \u0027n\u0027 is the next available index value as described in the\nnddconf comments. \n\nThis value will take effect when the system is rebooted. \nUntil the system can be rebooted use the following command\nto read the /etc/rc.config.d/nddconf file and set the tunable\nparameters:\n\n /usr/bin/ndd -c\n\nThe ip_pmtu_strategy parameter can be displayed by the\nfollowing command:\n\n /usr/bin/ndd -get /dev/ip ip_pmtu_strategy\n\nNote: Since open connections will remain potentially vulnerable\n until they are closed and certain internal data structures\n are released it is recommended that the system be rebooted. \n\nNote: There is a defect that will cause \"ndd -c\" to fail if there\n are more than 10 directives in /etc/rc.config.d/nddconf. \n That defect is fixed in the following patches:\n\n B.11.11 - PHNE_25644 or subsequent\n B.11.04 - PHNE_26076 or subsequent\n B.11.00 - PHNE_26125 or subsequent\n\n\nPreliminary binary files\n==============\n\n -\u003ePreliminary binary files are available for B.11.00 and B.11.22. \nPatches are available for B.11.11 and B.11.23. The patches and\nthe preliminary binary files address CAN-2004-0790 and\nCAN-2004-0791 only. Although changes in the patches and binary\nfiles for CAN-2004-0790 and CAN-2004-0791 do not prevent the\nexploit of CAN-2004-1060, they do make it less likely to succeed. \n\nInstructions for downloading and installing the binary files are\ncontained in readme files available here:\n\n System: hprc.external.hp.com (192.170.19.51)\n Login: icmp\n Password: icmp\n\n FTP Access:\n ftp://icmp:icmp@hprc.external.hp.com/\n or: ftp://icmp:icmp@192.170.19.51/\n Note: The links above may not work for all browsers. If the\n link fails the url should be entered directly into the\n browser\u0027s address field. \n\nSince a patch is available for B.11.11 the readme.11.11.txt and\ncorresponding binary files have been removed from the ftp site. \n\n -\u003eSince a patch is available for B.11.23 the readme.11.23.txt and\ncorresponding binary files have been removed from the ftp site. \n\n\nDownload the appropriate readme file containing further\ninstructions:\n\n readme.11.00.txt\n readme.11.22.txt\n\nVerify the cksum or md5sum:\n\n -\u003eNote: The readme files have not changed since rev.1 of this\n Security Bulletin. \n\n cksum readme*\n 2844254744 2546 readme.11.00.txt\n 2836317466 2469 readme.11.22.txt\n\n md5sum readme*\n d28504f8532192de6a4f33bba4ea90ec readme.11.00.txt\n cafbb24f3dc7131501142f75deaeccbd readme.11.22.txt\n\nDownload and install the binary files as discussed in the readme\nfiles. The binary files are available in the same directory as\nthe readme files. \n\nFor B.11.11 download and install PHNE_33159. The patch is\navailable from \u003c http://itrc.hp.com\u003e. \n\n -\u003eFor B.11.23 download and install PHNE_32606. The patch is\navailable from \u003c http://itrc.hp.com\u003e. \n\n\n\nMANUAL ACTIONS: Yes - NonUpdate\n1. Set ip_pmtu_strategy=0\n\n2. EITHER\n a. Filter out the following ICMP messages:\n\n Type 3, Code 2 (Destination Unreachable, Protocol Unreachable)\n Type 3, Code 3 (Destination Unreachable, Port Unreachable)\n Type 4, Code 0 (Source Quench)\n\n OR\n\n b. Install the appropriate binary file or patch (binary file\n not available for B.11.04). \n\nBULLETIN REVISION HISTORY:\nRevision 0: 25 May 2005\n Initial release\n\nRevision 1: 1 June 2005\n Binary files for B.11.00 and B.11.22 are available. \n Added information about CAN-2004-1060. \n The \"set ip_pmtu_strategy=0\" workaround is required even if\n binary files are installed. \n Removed IPSec information. \n\nRevision 2: 19 June 2005\n TOUR (Transport Optional Upgrade Release) on B.11.11 and B.11.23\n is potentially vulnerable. \n Added a description of the sequence number check implemented in\n the binary files. \n\nRevision 3: 27 June 2005\n PHNE_33159 is available for B.11.11. The B.11.11 binary files\n have been removed from the ftp site. \n\nRevision 4: 10 July 2005\n PHNE_32606 is available for B.11.23. The B.11.23 binary files\n have been removed from the ftp site. \n\n\n\nHP-UX SPECIFIC SECURITY BULLETINS*: Security Patch Check revision\nB.02.00 analyzes all HP-issued Security Bulletins to provide a\nsubset of recommended actions that potentially affect a specific\nHP-UX system. \n\nFor more information:\nhttp://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/\ndisplayProductInfo.pl?productNumber=B6834AA\n\n\nSUPPORT: For further information, contact normal HP Services\nsupport channel. \n\nREPORT: To report a potential security vulnerability with any HP\nsupported product, send Email to: security-alert@hp.com. It is\nstrongly recommended that security related information being\ncommunicated to HP be encrypted using PGP, especially exploit\ninformation. To obtain the security-alert PGP key please send an\ne-mail message to security-alert@hp.com with the Subject of\n\u0027get key\u0027 (no quotes). \n\nSUBSCRIBE: To initiate a subscription to receive future HP\nSecurity Bulletins via Email:\n\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026\nlangcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\n\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your IRTC security bulletins and patches\n - check ALL categories for which alerts are required and\n continue. \nUnder Step2: your IRTC operating systems\n - verify your operating system selections are checked and\n save. \n\nTo update an existing subscription:\nhttp://h30046.www3.hp.com/subSignIn.php\n\nLog in on the web page\n Subscriber\u0027s choice for Business: sign-in. \nOn the Web page:\n Subscriber\u0027s Choice: your profile summary\n - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit:\nhttp://itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\n relates to is represented by the 5th and 6th characters of the\n Bulletin number:\n GN = HP General SW,\n MA = HP Management Agents,\n MI = Misc. 3rd party SW,\n MP = HP MPE/iX,\n NS = HP NonStop Servers,\n OV = HP OpenVMS,\n PI = HP Printing \u0026 Imaging,\n ST = HP Storage SW,\n TL = HP Trusted Linux,\n TU = HP Tru64 UNIX,\n UX = HP-UX,\n VV = HP Virtual Vault\n\nSystem management and security procedures must be reviewed\nfrequently to maintain system integrity. HP is continually\nreviewing and enhancing the security features of software products\nto provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to\nbring to the attention of users of the affected HP products the\nimportant security information contained in this Bulletin. HP\nrecommends that all users determine the applicability of this\ninformation to their individual situations and take appropriate\naction. HP does not warrant that this information is necessarily\naccurate or complete for all user situations and, consequently, HP\nwill not be responsible for any damages resulting from user\u0027s use\nor disregard of the information provided in this Bulletin. To the\nextent permitted by law, HP disclaims all warranties, either\nexpress or implied, including the warranties of merchantability\nand fitness for a particular purpose, title and non-infringement.\"\n\n\n(c)Copyright 2005 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or\neditorial errors or omissions contained herein. The information\nprovided is provided \"as is\" without warranty of any kind. To the\nextent permitted by law, neither HP nor its affiliates,\nsubcontractors or suppliers will be liable for incidental, special\nor consequential damages including downtime cost; lost profits;\ndamages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. \nThe information in this document is subject to change without\nnotice. Hewlett-Packard Company and the names of Hewlett-Packard\nproducts referenced herein are trademarks of Hewlett-Packard\nCompany in the United States and other countries. Other product\nand company names mentioned herein may be trademarks of their\nrespective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBQtJVE+AfOvwtKn1ZEQKwPwCeLKNxE1048xGZniru4epJ6YAqYIcAn2+Y\nfjKXZ3hbnTeQeIn9Kk9ePC1d\n=cFE+\n-----END PGP SIGNATURE-----\n\n. \nHP Tru64 UNIX 5.1B-3\nHP Tru64 UNIX 5.1B-2/PK4\nHP Tru64 UNIX 5.1A PK\nHP Tru64 UNIX 4.0G PK4\nHP Tru64 UNIX 4.0F PK8\n\nBACKGROUND:\n\nSpecial Instructions for the Customer\n\nThe Internet Control Message Protocol (ICMP) (RFC 792) is used in\nthe Internet Architecture to perform fault-isolation and recovery\n(RFC816), which is the group of actions that hosts and routers\ntake to determine if a network failure has occurred. \n\nThe industry standard TCP specification (RFC 793) has a\nvulnerability whereby ICMP packets can be used to perform a\nvariety of attacks such as blind connection reset attacks and\nblind throughput-reduction attacks. \n\nPath MTU Discovery (RFC 1191) describes a technique for\ndynamically discovering the MTU (maximum transmission unit) of an\narbitrary internet path. This protocol uses ICMP packets from\nthe router to discover the MTU for a TCP connection path. \n\nHP has addressed these potential vulnerabilities by providing a\nnew kernel tunable in Tru64 UNIX V5.1B and 5.1A,\nicmp_tcpseqcheck. In Tru64 4.0F and 4.0G, HP has introduced two\nnew kernel tunables, icmp_tcpseqcheck and icmp_rejectcodemask. This behavior protects TCP\nagainst spoofed ICMP packets. \n\nSet the tunable as follows:\n\n icmp_tcpseqcheck=1 (default)\n\n Provides a level of protection that reduces the possibility\n of considering a spoofed ICMP packet as valid\n to one in two raised to the thirty-second power. \n\n icmp_tcpseqcheck=0\n\n Retains existing behavior, i.e., accepts all ICMP packets\n\nicmp_rejectcodemask\n\nIn the Requirements for IP Version 4 Routers (RFC 1812), research\nsuggests that the use of ICMP Source Quench packets is an\nineffective (and unfair) antidote for congestion. Thus, HP\nrecommends completely ignoring ICMP Source Quench packets using\nthe icmp_rejectcodemask tunable. The icmp_rejectcodemask is a\nbitmask that designates the ICMP codes that the system should\nreject. For example, to reject ICMP Source Quench packets,\nset the mask bit position for the ICMP_SOURCEQUENCH code 4,\nwhich is two to the 4th power = 16 (0x10 hex). \nThe icmp_rejectcodemask tunable can be used to reject any\nICMP packet type, or multiple masks can be combined to reject\nmore than one type. \n\nNote: the ICMP type codes are defined in\n \"/usr/include/netinet/ip_icmp.h\". \n\n Set the tunable as follows:\n\n icmp_rejectcodemask = 0x10\n\n Rejects ICMP Source Quench packets\n\n icmp_rejectcodemask = 0 (default)\n\n Retains existing behavior, i.e., accepts all ICMP packets\n\nAdjusting the variables\n\nThe ICMP sequence check variable (icmp_tcpseqcheck) can be\nadjusted using the sysconfig and sysconfigdb commands:\n\n# sysconfig -q inet icmp_tcpseqcheck\ninet:\nicmp_tcpseqcheck = 1\n# sysconfig -r inet icmp_tcpseqcheck=0\nicmp_tcpseqcheck: reconfigured\n# sysconfig -q inet icmp_tcpseqcheck\ninet:\nicmp_tcpseqcheck = 0\n# sysconfig -q inet icmp_tcpseqcheck \u003e /tmp/icmp_tcpseqcheck_merge\n# sysconfigdb -m -f /tmp/icmp_tcpseqcheck_merge inet\n# sysconfigdb -l inet\n\ninet:\n icmp_tcpseqcheck = 1\n\nSimilarly, the icmp_rejectcodemask variable can be adjusted using\nthe sysconfig and sysconfigdb commands:\n\n# sysconfig -q inet icmp_rejectcodemask\ninet:\nicmp_rejectcodemask = 0\n# sysconfig -r inet icmp_rejectcodemask=0x10\nicmp_rejectcodemask: reconfigured\n# sysconfig -q inet icmp_rejectcodemask\ninet:\nicmp_rejectcodemask = 16\n# sysconfig -q inet icmp_rejectcodemask\n \u003e /tmp/icmp_rejectcodemask_merge\n# sysconfigdb -m -f /tmp/icmp_rejectcodemask_merge inet\n# sysconfigdb -l inet\n\ninet:\n icmp_rejectcodemask = 16\n\nRESOLUTION:\n\nUntil the corrections are available in a mainstream\nrelease patch kit, HP is releasing the following Early Release\nPatch (ERP) kits publicly for use by any customer. \n\nThe ERP kits use dupatch to install and will not install over\nany installed Customer Specific Patches (CSPs) that have file\nintersections with the ERPs. Contact your service provider for\nassistance if the ERP installation is blocked by any of your\ninstalled CSPs. \n\nThe fixes contained in the ERP kits are scheduled to be\navailable in the following mainstream patch kits:\n\n HP Tru64 Unix 5.1B-4\n\nEarly Release Patches\n\nThe ERPs deliver the following file:\n\n/sys/BINARY/inet.mod\n\nHP Tru64 UNIX 5.1B-3 ERP Kit Name:\n T64KIT0025925-V51BB26-ES-20050628\nKit Location:\n http://www.itrc.hp.com/service/patch/patchDetail.do?\n patchid=T64KIT0025925-V51BB26-ES-20050628\nMD5 checksum: 129251787a426320af16cd584b982027\n\nHP Tru64 UNIX 5.1B-2/PK4 ERP Kit Name:\n T64KIT0025924-V51BB25-ES-20050628\nKit Location:\n http://www.itrc.hp.com/service/patch/patchDetail.do?\n patchid=T64KIT0025924-V51BB25-ES-20050628\nMD5 checksum: 5fcc77a6876db6d10ef07ac96e11b3af\n\nHP Tru64 UNIX 5.1A PK6 ERP Kit Name:\n T64KIT0025922-V51AB24-ES-20050628\nKit Location:\n http://www.itrc.hp.com/service/patch/patchDetail.do?\n patchid=T64KIT0025922-V51AB24-ES-20050628\nMD5 checksum: 7c373b35c95945651a1cfda96bf71421\n\nHP Tru64 UNIX 4.0G PK4 ERP Kit Name:\n T64KIT0025920-V40GB22-ES-20050628\nKit Location:\n http://www.itrc.hp.com/service/patch/patchDetail.do?\n patchid=T64KIT0025920-V40GB22-ES-20050628\nMD5 checksum: 13849fd555239d75d300d1cb46dc995f\n\nHP Tru64 UNIX 4.0F PK8 ERP Kit Name:\n DUXKIT0025921-V40FB22-ES-20050628\nKit Location:\n http://www.itrc.hp.com/service/patch/patchDetail.do?\n patchid=T64KIT0025920-V40GB22-ES-20050628\nMD5 checksum: 743b614d39f185802701b7f2dd14ffa5\n\nMD5 checksums are available from the ITRC patch database main\npage:\n http://www.itrc.hp.com/service/patch/mainPage.do\n- From the patch database main page, click Tru64 UNIX,\nthen click verifying MD5 checksums under useful links. The RFC recommends no security checking\n \tfor in-bound ICMP messages, so long as a related connection\n \texists, and may potentially allow several different Denials of\n \tService. \n\n \tThe Common Vulnerabilities and Exposures project (cve.mitre.org)\n \thas assigned the name CVE-2004-0790 to this issue. \n\n \tThe Common Vulnerabilities and Exposures project (cve.mitre.org)\n \thas assigned the name CVE-2004-0791 to this issue. \n\n \tThe Common Vulnerabilities and Exposures project (cve.mitre.org)\n \thas assigned the name CVE-2004-1060 to this issue. Vulnerable Supported Versions\n\n \tSystem\t\t\t\tBinaries\n \t----------------------------------------------------------------------\n \tOpenServer 5.0.6 \t\tip and tcp drivers\n \tOpenServer 5.0.7 \t\tip and tcp drivers\n\n\n3. Solution\n\n \tThe proper solution is to install the latest packages. OpenServer 5.0.6\n\n \t4.1 Location of Fixed Binaries\n\n \tftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.4\n\n\n \t4.2 Verification\n\n \tMD5 (VOL.000.000) = 03ed8e901780e1535c113efeba72d8cd\n\n \tmd5 is available for download from\n \t\tftp://ftp.sco.com/pub/security/tools\n\n\n \t4.3 Installing Fixed Binaries\n\n \tThe following packages should be installed on your system before\n \tyou install this fix:\n\n \t\tRS506A\n \t\tOSS646\n \t\tERG711746: ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt\n \t\tERG712606: ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt\n\n \tUpgrade the affected binaries with the following sequence:\n\n \t1) Download the VOL* files to a directory. \n\n \t2) Run the custom command, specify an install from media images,\n \t and specify the directory as the location of the images. OpenServer 5.0.7\n\n \t5.1 Location of Fixed Binaries\n\n \tftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.4\n\n\n \t5.2 Verification\n\n \tMD5 (VOL.000.000) = 03ed8e901780e1535c113efeba72d8cd\n\n \tmd5 is available for download from\n \t\tftp://ftp.sco.com/pub/security/tools\n\n\n \t5.3 Installing Fixed Binaries\n\n \tThe following package should be installed on your system before\n \tyou install this fix:\n\n \t\tOSR507MP4 - OpenServer 5, Release 5.0.7 Maintenance Pack 4\n\n \tUpgrade the affected binaries with the following sequence:\n\n \t1) Download the VOL* files to a directory. \n\n \t2) Run the custom command, specify an install from media images,\n \t and specify the directory as the location of the images. References\n\n \tSpecific references for this advisory:\n \t\thttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0790\n \t\thttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0791\n \t\thttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1060\n\n \tSCO security resources:\n \t\thttp://www.sco.com/support/security/index.html\n\n \tSCO security advisories via email\n \t\thttp://www.sco.com/support/forums/security.html\n\n \tThis security fix closes SCO incidents sr892503 fz530662\n \terg712759. Disclaimer\n\n \tSCO is not responsible for the misuse of any of the information\n \twe provide on this website and/or through our security\n \tadvisories. Our advisories are a service to our customers\n \tintended to promote secure installation and use of SCO\n \tproducts. Acknowledgments\n\n \tThe SCO Group would like to thank Fernando Gont for reporting\n \tthese issues. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n\n----------------------------------------------------------------------\n\nWant to work within IT-Security?\n\nSecunia is expanding its team of highly skilled security experts. \nWe will help with relocation and obtaining a work permit. \n\nCurrently the following type of positions are available:\nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\n\n----------------------------------------------------------------------\n\nTITLE:\nMicrosoft Windows Multiple IPv6 Denial of Service Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA22341\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/22341/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nMicrosoft Windows XP Professional\nhttp://secunia.com/product/22/\nMicrosoft Windows XP Home Edition\nhttp://secunia.com/product/16/\nMicrosoft Windows Server 2003 Web Edition\nhttp://secunia.com/product/1176/\nMicrosoft Windows Server 2003 Standard Edition\nhttp://secunia.com/product/1173/\nMicrosoft Windows Server 2003 Enterprise Edition\nhttp://secunia.com/product/1174/\nMicrosoft Windows Server 2003 Datacenter Edition\nhttp://secunia.com/product/1175/\n\nDESCRIPTION:\nThree vulnerabilities have been reported in Microsoft Windows, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService). \n\n1) A vulnerability exists in the IPv6 Windows implementation of ICMP\nwhich, if successfully exploited, results in the system dropping an\nexisting connection. \n\n3) A vulnerability exists in the IPv6 implementation of TCP/IP which,\nif successfully exploited, could cause the system to stop responding. \n\nSuccessful exploitation of the vulnerabilities requires IPv6 to be\nconfigured (not enabled by default). \n\nMicrosoft Windows XP SP1/SP2:\nhttp://www.microsoft.com/downloads/details.aspx?FamilyId=9fd73d12-ff7c-411d-944d-a6f147b20775\n\nMicrosoft Windows XP Professional x64 Edition:\nhttp://www.microsoft.com/downloads/details.aspx?FamilyId=fc98f55c-520e-4a68-a3c3-0df51c6122bb\n\nMicrosoft Windows Server 2003 (with or without SP1):\nhttp://www.microsoft.com/downloads/details.aspx?FamilyId=102591a0-2b58-497b-bc20-593571b96e9c\n\nMicrosoft Windows Server 2003 (Itanium, with or without SP1):\nhttp://www.microsoft.com/downloads/details.aspx?FamilyId=12515d47-134d-4d1f-9ae7-f0a7167ec424\n\nMicrosoft Windows Server 2003 x64 Edition:\nhttp://www.microsoft.com/downloads/details.aspx?FamilyId=c5faba34-48f5-4875-a0fa-6b8207f9b276\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nMS06-064 (KB922819):\nhttp://www.microsoft.com/technet/security/Bulletin/MS06-064.mspx\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. This fixes some\nvulnerabilities, which can be exploited by malicious people to cause\na DoS (Denial of Service) on an active TCP session",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0790"
},
{
"db": "CERT/CC",
"id": "VU#415294"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000258"
},
{
"db": "BID",
"id": "13124"
},
{
"db": "PACKETSTORM",
"id": "38779"
},
{
"db": "PACKETSTORM",
"id": "38762"
},
{
"db": "PACKETSTORM",
"id": "42808"
},
{
"db": "PACKETSTORM",
"id": "50808"
},
{
"db": "PACKETSTORM",
"id": "42811"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-0790",
"trust": 3.0
},
{
"db": "BID",
"id": "13124",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "22341",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "18317",
"trust": 1.7
},
{
"db": "SREASON",
"id": "57",
"trust": 1.6
},
{
"db": "SREASON",
"id": "19",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-3983",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#415294",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#222750",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "4030",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000258",
"trust": 0.8
},
{
"db": "SCO",
"id": "SCOSA-2006.4",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:53",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:622",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:514",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:176",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:3458",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:4804",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:211",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:1177",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:412",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:1910",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "101658",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "57746",
"trust": 0.6
},
{
"db": "HP",
"id": "HPSBST02161",
"trust": 0.6
},
{
"db": "HP",
"id": "SSRT4743",
"trust": 0.6
},
{
"db": "HP",
"id": "HPSBUX01164",
"trust": 0.6
},
{
"db": "MS",
"id": "MS05-019",
"trust": 0.6
},
{
"db": "MS",
"id": "MS06-064",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200504-022",
"trust": 0.6
},
{
"db": "USCERT",
"id": "TA04-111A",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "38779",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "38762",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "42808",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50808",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "42811",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#415294"
},
{
"db": "BID",
"id": "13124"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000258"
},
{
"db": "PACKETSTORM",
"id": "38779"
},
{
"db": "PACKETSTORM",
"id": "38762"
},
{
"db": "PACKETSTORM",
"id": "42808"
},
{
"db": "PACKETSTORM",
"id": "50808"
},
{
"db": "PACKETSTORM",
"id": "42811"
},
{
"db": "NVD",
"id": "CVE-2004-0790"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-022"
}
]
},
"id": "VAR-200504-0002",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.7148783
},
"last_update_date": "2023-12-18T11:41:36.525000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20050412-icmp",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml"
},
{
"title": "HPSBUX01164",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00576017"
},
{
"title": "HPSBUX01164",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux01164.html"
},
{
"title": "MS05-019",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx"
},
{
"title": "MS06-064",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx"
},
{
"title": "[\u5f71\u97ff\uff1a\u6975\u5c0f] TCP\u5b9f\u88c5\u306eICMP\u30a8\u30e9\u30fc\u30e1\u30c3\u30bb\u30fc\u30b8\u306e\u51e6\u7406\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027",
"trust": 0.8,
"url": "http://www.seil.jp/seilseries/news/snote/_snote_20050727.html"
},
{
"title": "101658",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101658-1"
},
{
"title": "SYM05-008",
"trust": 0.8,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2005.05.02.html"
},
{
"title": "cisco-sa-20050412-icmp",
"trust": 0.8,
"url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20050412-icmp-j.shtml"
},
{
"title": "SYM05-008",
"trust": 0.8,
"url": "http://www.symantec.com/region/jp/avcenter/security/content/2005.05.02.html"
},
{
"title": "ICMP+TCP\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.allied-telesis.co.jp/support/list/faq/vuls/20050412.html"
},
{
"title": "AX-VU2005-01",
"trust": 0.8,
"url": "http://www.alaxala.com/jp/support/security/icmp-20050412.html"
},
{
"title": "HCVU000000001",
"trust": 0.8,
"url": "http://www.hitachi-cable.co.jp/infosystem/support/security/hcvu000000001.html"
},
{
"title": "MS05-019",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms05-019.mspx"
},
{
"title": "MS06-064",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms06-064.mspx"
},
{
"title": "\u300cTCP\u5b9f\u88c5\u306b\u304a\u3051\u308bICMP\u30a8\u30e9\u30fc\u30e1\u30c3\u30bb\u30fc\u30b8\u51e6\u7406\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u300d\u5bfe\u7b56\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/network/notice/niscc-532967.html"
},
{
"title": "\u300cTCP\u5b9f\u88c5\u306b\u304a\u3051\u308bICMP\u30a8\u30e9\u30fc\u30e1\u30c3\u30bb\u30fc\u30b8\u51e6\u7406\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\u300d",
"trust": 0.8,
"url": "http://www.nec.co.jp/ip88n/icmp.html"
},
{
"title": "IX5000/IX5500\u30b7\u30ea\u30fc\u30ba TCP\u5b9f\u88c5\u306eICMP\u30a8\u30e9\u30fc\u30e1\u30c3\u30bb\u30fc\u30b8\u306e\u51e6\u7406\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\u306e\u5831\u544a",
"trust": 0.8,
"url": "http://www.nec.co.jp/ixseries/ix5k/tcp/tcp20050415.html"
},
{
"title": "ICMP\u4f7f\u7528\u6642\u306bTCP\u30bb\u30c3\u30b7\u30e7\u30f3\u304c\u963b\u5bb3\u3055\u308c\u308b\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5bfe\u5fdc\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://fenics.fujitsu.com/products/support/2006/icmp_0119.html"
},
{
"title": "532967/NISCC/ICMP",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/niscc532967.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000258"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0790"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/13124"
},
{
"trust": 1.9,
"url": "http://www.watersprings.org/pub/id/draft-gont-tcpm-icmp-attacks-03.txt"
},
{
"trust": 1.9,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57746-1"
},
{
"trust": 1.6,
"url": "ftp://ftp.sco.com/pub/updates/openserver/scosa-2006.4/scosa-2006.4.txt"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/18317"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22341"
},
{
"trust": 1.6,
"url": "http://securityreason.com/securityalert/19"
},
{
"trust": 1.6,
"url": "http://securityreason.com/securityalert/57"
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101658-1"
},
{
"trust": 1.6,
"url": "http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html"
},
{
"trust": 1.6,
"url": "http://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html?lang=en"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/222750"
},
{
"trust": 1.0,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=112861397904255\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/418882/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3983"
},
{
"trust": 1.0,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019"
},
{
"trust": 1.0,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1177"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a176"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1910"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a211"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a3458"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a412"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4804"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a514"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a53"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a622"
},
{
"trust": 0.9,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0790"
},
{
"trust": 0.8,
"url": "http://www.uniras.gov.uk/niscc/docs/al-20040420-00199.html?lang=en"
},
{
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20040420-00391.pdf"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3562.txt"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2385.txt"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc1323.txt"
},
{
"trust": 0.8,
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=4030"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/p-177.shtml"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20050412-00303.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2005/0344"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/draft-gont-tcpm-icmp-attacks-03"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20050413-ms05-019.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-532967/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0790"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20050412-00303.pdf?lang=en"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/2005/20050414_195834.html"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/449179/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/418882/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/3983"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=112861397904255\u0026w=2"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:622"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:53"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:514"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:4804"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:412"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:3458"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:211"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:1910"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:176"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:1177"
},
{
"trust": 0.3,
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?level=6\u0026category=29\u0026subcategory=1\u0026subtype=\u0026documentoid=326515"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-217.htm"
},
{
"trust": 0.3,
"url": "http://www.alaxala.com/jp/support/icmp-20050412.html"
},
{
"trust": 0.3,
"url": "http://www.f5.com/f5products/bigip/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080436587.shtml"
},
{
"trust": 0.3,
"url": "http://archives.neohapsis.com/archives/openbsd/cvs/2005-06/0889.html"
},
{
"trust": 0.3,
"url": "http://archives.neohapsis.com/archives/openbsd/cvs/2005-05/0773.html"
},
{
"trust": 0.3,
"url": "http://www.cymru.com/documents/icmp-messages.html"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/support/docview.wss?rs=118\u0026uid=isg1iy70026"
},
{
"trust": 0.3,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/38.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2005-043.html"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/support/knowledge/advisory_icmp_error_message_vulnerabilities.html"
},
{
"trust": 0.3,
"url": "http://tech.f5.com/home/bigip/solutions/advisories/sol4583.html"
},
{
"trust": 0.3,
"url": "http://tech.f5.com/home/bigip-next/solutions/advisories/sol4584.html"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?docid=hpsbtu01210"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101658-1\u0026searchclause=2"
},
{
"trust": 0.3,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2005.05.02.html"
},
{
"trust": 0.3,
"url": "http://www.us-cert.gov/cas/techalerts/ta04-111a.html"
},
{
"trust": 0.3,
"url": "http://www.sco.com/support/update/download/release.php?rid=58"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/415294"
},
{
"trust": 0.3,
"url": "/archive/1/404535"
},
{
"trust": 0.3,
"url": "/archive/1/406296"
},
{
"trust": 0.3,
"url": "/archive/1/405764"
},
{
"trust": 0.3,
"url": "/archive/1/405771"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0790"
},
{
"trust": 0.2,
"url": "http://itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0791"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-1060"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-1060\u003e"
},
{
"trust": 0.1,
"url": "http://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html?"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0790\u003e"
},
{
"trust": 0.1,
"url": "http://www.hp.com/go/softwaredepot\u003e."
},
{
"trust": 0.1,
"url": "http://itrc.hp.com\u003e."
},
{
"trust": 0.1,
"url": "http://www.ietf.org/internet-drafts/"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0791\u003e"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/mainpage.do"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2001-0328"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/mainpage"
},
{
"trust": 0.1,
"url": "http://www.sco.com/support/security/index.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://www.sco.com/support/forums/security.html"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0791"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-1060"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1173/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=fc98f55c-520e-4a68-a3c3-0df51c6122bb"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/22/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=102591a0-2b58-497b-bc20-593571b96e9c"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=c5faba34-48f5-4875-a0fa-6b8207f9b276"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1174/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1176/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1175/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=12515d47-134d-4d1f-9ae7-f0a7167ec424"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/22341/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=9fd73d12-ff7c-411d-944d-a6f147b20775"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/18317/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/14904/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/137/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#415294"
},
{
"db": "BID",
"id": "13124"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000258"
},
{
"db": "PACKETSTORM",
"id": "38779"
},
{
"db": "PACKETSTORM",
"id": "38762"
},
{
"db": "PACKETSTORM",
"id": "42808"
},
{
"db": "PACKETSTORM",
"id": "50808"
},
{
"db": "PACKETSTORM",
"id": "42811"
},
{
"db": "NVD",
"id": "CVE-2004-0790"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-022"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#415294"
},
{
"db": "BID",
"id": "13124"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000258"
},
{
"db": "PACKETSTORM",
"id": "38779"
},
{
"db": "PACKETSTORM",
"id": "38762"
},
{
"db": "PACKETSTORM",
"id": "42808"
},
{
"db": "PACKETSTORM",
"id": "50808"
},
{
"db": "PACKETSTORM",
"id": "42811"
},
{
"db": "NVD",
"id": "CVE-2004-0790"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-022"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-04-20T00:00:00",
"db": "CERT/CC",
"id": "VU#415294"
},
{
"date": "2005-04-12T00:00:00",
"db": "BID",
"id": "13124"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000258"
},
{
"date": "2005-07-20T07:23:12",
"db": "PACKETSTORM",
"id": "38779"
},
{
"date": "2005-07-19T14:36:44",
"db": "PACKETSTORM",
"id": "38762"
},
{
"date": "2006-01-05T02:07:56",
"db": "PACKETSTORM",
"id": "42808"
},
{
"date": "2006-10-12T03:39:42",
"db": "PACKETSTORM",
"id": "50808"
},
{
"date": "2006-01-05T16:28:15",
"db": "PACKETSTORM",
"id": "42811"
},
{
"date": "2005-04-12T04:00:00",
"db": "NVD",
"id": "CVE-2004-0790"
},
{
"date": "2005-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200504-022"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-05-01T00:00:00",
"db": "CERT/CC",
"id": "VU#415294"
},
{
"date": "2006-12-08T19:54:00",
"db": "BID",
"id": "13124"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000258"
},
{
"date": "2018-10-30T16:26:22.763000",
"db": "NVD",
"id": "CVE-2004-0790"
},
{
"date": "2005-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200504-022"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "38762"
},
{
"db": "PACKETSTORM",
"id": "42808"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-022"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Border Gateway Protocol relies on persistent TCP sessions without specifying authentication requirements",
"sources": [
{
"db": "CERT/CC",
"id": "VU#415294"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200504-022"
}
],
"trust": 0.6
}
}
VAR-200504-0003
Vulnerability from variot - Updated: 2023-12-18 11:41Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. A vulnerability exists in the reliance of the Border Gateway Protocol (BGP) on the Transmission Control Protocol (TCP) to maintain persistent sessions. Sustained exploitation of this vulnerability could lead to a denial-of-service condition affecting a large segment of the Internet community. Normal operations would most likely resume shortly after the attack stopped. In multiple vendor products TCP The implementation of ICMP Included in error message IP Address and TCP There is a flaw that only validates the port and does not check that the sequence number is in the proper range. This ICMP source quench Established by processing error messages TCP There is a vulnerability that reduces connection throughput. The vulnerability is ICMP Vulnerabilities resulting from message processing (CVE-2004-0790, CVE-2004-0791, CVE-2004-1060) Out of CVE-2004-0791 Vulnerability published as. TCP Due to vulnerabilities that affect implementation, a wide range of products are affected by these vulnerabilities. For more information, NISCC-532967 (JVN) , NISCC Advisory 532967/NISCC/ICMP (CPNI Advisory 00303) Please check also.Intentionally created fraud ICMP By processing error messages TCP Connection is reset, resulting in service disruption (DoS) It can cause a condition. Multiple vendor implementations of TCP/IP Internet Control Message Protocol (ICMP) are reported prone to several denial-of-service attacks. ICMP is employed by network nodes to determine certain automatic actions to take based on network failures reported by an ICMP message. Reportedly, the RFC doesn't recommend security checks for ICMP error messages. As long as an ICMP message contains a valid source and destination IP address and port pair, it will be accepted for an associated connection. The following individual attacks are reported: - A blind connection-reset attack. This attack takes advantage of the specification that describes that on receiving a 'hard' ICMP error, the corresponding connection should be aborted. The Mitre ID CAN-2004-0790 is assigned to this issue. A remote attacker may exploit this issue to terminate target TCP connections and deny service for legitimate users. - An ICMP Source Quench attack. The Mitre ID CAN-2004-0791 is assigned to this issue. A remote attacker may exploit this issue to degrade the performance of TCP connections and partially deny service for legitimate users. - An attack against ICMP PMTUD is reported to affect multiple vendors when they are configured to employ PMTUD. By sending a suitable forged ICMP message to a target host, an attacker may reduce the MTU for a given connection. The Mitre ID CAN-2004-1060 is assigned to this issue. A remote attacker may exploit this issue to degrade the performance of TCP connections and partially deny service for legitimate users. **Update: Microsoft platforms are also reported prone to these issues. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
HP SECURITY BULLETIN
HPSBUX01164 REVISION: 4
SSRT4884 rev.4 - HP-UX TCP/IP Remote Denial of Service (DoS)
NOTICE: There are no restrictions for distribution of this Security Bulletin provided that it remains complete and intact.
The information in this Security Bulletin should be acted upon as soon as possible.
INITIAL RELEASE: 10 July 2005
POTENTIAL SECURITY IMPACT: Remote Denial of Service (DoS)
SOURCE: Hewlett-Packard Company HP Software Security Response Team
VULNERABILITY SUMMARY: A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS).
REFERENCES: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.00, B.11.04, B.11.11, B.11.22, B.11.23 running TCP/IP. HP-UX B.11.11 and B.11.23 running TOUR (Transport Optional Upgrade Release).
BACKGROUND:
AFFECTED VERSIONS
HP-UX B.11.22
HP-UX B.11.00
=============
Networking.NET2-KRN
action: set ip_pmtu_strategy= 0 and either install binary
files or filter ICMP
HP-UX B.11.11
=============
Networking.NET2-KRN
action: set ip_pmtu_strategy= 0 and install PHNE_33159
HP-UX B.11.23
=============
Networking.NET2-KRN
->action: set ip_pmtu_strategy= 0 and install PHNE_32606
HP-UX B.11.11
HP-UX B.11.23
=============
TOUR_PRODUCT.T-NET2-KRN
action: set ip_pmtu_strategy= 0 and filter ICMP
HP-UX B.11.04
=============
Networking.NET2-KRN
action: set ip_pmtu_strategy= 0 and filter ICMP
END AFFECTED VERSIONS
Note: The latest TOUR (Transport Optional Upgrade Release), version 2.4, is available on B.11.11 only. The latest Transport Functionality is available to B.11.23 customers in the HP-UX 11i v2 September 2004 release. Customers using TOUR on B.11.23 can apply the workaround (set ip_pmtu_strategy= 0 and filter ICMP) or upgrade to the HP-UX 11i v2 September 2004 release. After upgrading the action for B.11.23 Networking.NET2-KRN listed above should be implemented.
http://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html? lang=en
There are three issues reported in NISCC VU#532967:
CVE number: CAN-2004-0790 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0790 CVE number: CAN-2004-0791 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0791 CVE number: CAN-2004-1060 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1060
Workarounds are available for all three of these issues.
Until binary files are available for B.11.04 the workarounds should be used.
->Binary files are available for CAN-2004-0790 and CAN-2004-0791 for HP-UX B.11.00 and B.11.22.
Since PHNE_33159 is now available for B.11.11 the preliminary binary files for B.11.11 have been removed from the ftp site.
->Since PHNE_32606 is now available for B.11.23 the preliminary binary files for B.11.23 have been removed from the ftp site.
Note: If the TOUR (Transport Optional Upgrade Release) product is installed the binary files cannot be used.
Until the TOUR product is revised there are several options:
B.11.11 1. Use the workarounds. or 2. Remove TOUR and install the binary files.
B.11.23 1. Use the workarounds. or 2. Upgrade to the HP-UX 11i v2 September 2004 release and install the binary files.
TOUR(Transport Optional Upgrade Release) is available from http://www.hp.com/go/softwaredepot.
Workaround for CAN-2004-1060 may not be necessary.
Although changes in the binary files and patches for CAN-2004-0790 and CAN-2004-0791 do not prevent the exploit of CAN-2004-1060, they do make it less likely to succeed. The sequence number check suggested in section 5.1 of http://www.ietf.org/internet-drafts/ draft-gont-tcpm-icmp-attacks-03.txt has been implemented. Customers should consider whether this check reduces the risk of the exploit to the point that setting ip_pmtu_strategy=0 is not required.
If the workaround for CAN-2004-1060 is to be used, please note the following: ================================================= HPSBUX01137 recommends setting ip_pmtu_strategy = 0 or 3 as a workaround for the problem of CAN-2005-1192. CAN-2004-1060 has a different root cause and cannot be worked around with p_pmtu_strategy=3. To work around both CAN-2005-1192 and CAN-2004-1060 ip_pmtu_strategy=0 must be used.
Please refer to the Manual Actions section below for a summary of the required actions.
Workarounds:
CAN-2004-0790 and CAN-2004-0791
Filter out the following ICMP messages:
Type 3, Code 2 (Destination Unreachable, Protocol Unreachable)
Type 3, Code 3 (Destination Unreachable, Port Unreachable)
Type 4, Code 0 (Source Quench)
CAN-2004-1060
Set ip_pmtu_strategy=0.
Note: Filtering "Protocol Unreachable" and "Port Unreachable" should not be done without careful testing. Filtering these out may interfere with the correct functioning of network components. Filtering "Source Quench" should present little risk.
Setting ip_pmtu_strategy=0
Edit /etc/rc.config.d/nddconf to add the following:
TRANSPORT_NAME[n]=ip NDD_NAME[n]=ip_pmtu_strategy NDD_VALUE[n]=0
where 'n' is the next available index value as described in the nddconf comments.
This value will take effect when the system is rebooted. Until the system can be rebooted use the following command to read the /etc/rc.config.d/nddconf file and set the tunable parameters:
/usr/bin/ndd -c
The ip_pmtu_strategy parameter can be displayed by the following command:
/usr/bin/ndd -get /dev/ip ip_pmtu_strategy
Note: Since open connections will remain potentially vulnerable until they are closed and certain internal data structures are released it is recommended that the system be rebooted.
Note: There is a defect that will cause "ndd -c" to fail if there are more than 10 directives in /etc/rc.config.d/nddconf. That defect is fixed in the following patches:
B.11.11 - PHNE_25644 or subsequent
B.11.04 - PHNE_26076 or subsequent
B.11.00 - PHNE_26125 or subsequent
Preliminary binary files
->Preliminary binary files are available for B.11.00 and B.11.22. Patches are available for B.11.11 and B.11.23. The patches and the preliminary binary files address CAN-2004-0790 and CAN-2004-0791 only. Although changes in the patches and binary files for CAN-2004-0790 and CAN-2004-0791 do not prevent the exploit of CAN-2004-1060, they do make it less likely to succeed.
Instructions for downloading and installing the binary files are contained in readme files available here:
System: hprc.external.hp.com (192.170.19.51)
Login: icmp
Password: icmp
FTP Access:
ftp://icmp:icmp@hprc.external.hp.com/
or: ftp://icmp:icmp@192.170.19.51/
Note: The links above may not work for all browsers. If the
link fails the url should be entered directly into the
browser's address field.
Since a patch is available for B.11.11 the readme.11.11.txt and corresponding binary files have been removed from the ftp site.
->Since a patch is available for B.11.23 the readme.11.23.txt and corresponding binary files have been removed from the ftp site.
Download the appropriate readme file containing further instructions:
readme.11.00.txt readme.11.22.txt
Verify the cksum or md5sum:
->Note: The readme files have not changed since rev.1 of this Security Bulletin.
cksum readme* 2844254744 2546 readme.11.00.txt 2836317466 2469 readme.11.22.txt
md5sum readme* d28504f8532192de6a4f33bba4ea90ec readme.11.00.txt cafbb24f3dc7131501142f75deaeccbd readme.11.22.txt
Download and install the binary files as discussed in the readme files. The binary files are available in the same directory as the readme files.
For B.11.11 download and install PHNE_33159. The patch is available from < http://itrc.hp.com>.
->For B.11.23 download and install PHNE_32606. The patch is available from < http://itrc.hp.com>.
MANUAL ACTIONS: Yes - NonUpdate 1. Set ip_pmtu_strategy=0
-
EITHER a. Filter out the following ICMP messages:
Type 3, Code 2 (Destination Unreachable, Protocol Unreachable) Type 3, Code 3 (Destination Unreachable, Port Unreachable) Type 4, Code 0 (Source Quench)
OR
b. Install the appropriate binary file or patch (binary file
not available for B.11.04).
BULLETIN REVISION HISTORY: Revision 0: 25 May 2005 Initial release
Revision 1: 1 June 2005 Binary files for B.11.00 and B.11.22 are available. Added information about CAN-2004-1060. The "set ip_pmtu_strategy=0" workaround is required even if binary files are installed. Removed IPSec information.
Revision 2: 19 June 2005 TOUR (Transport Optional Upgrade Release) on B.11.11 and B.11.23 is potentially vulnerable. Added a description of the sequence number check implemented in the binary files.
Revision 3: 27 June 2005 PHNE_33159 is available for B.11.11. The B.11.11 binary files have been removed from the ftp site.
Revision 4: 10 July 2005 PHNE_32606 is available for B.11.23. The B.11.23 binary files have been removed from the ftp site.
HP-UX SPECIFIC SECURITY BULLETINS*: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system.
For more information: http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/ displayProductInfo.pl?productNumber=B6834AA
SUPPORT: For further information, contact normal HP Services support channel.
REPORT: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com. It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To obtain the security-alert PGP key please send an e-mail message to security-alert@hp.com with the Subject of 'get key' (no quotes).
SUBSCRIBE: To initiate a subscription to receive future HP Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA& langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
On the web page: ITRC security bulletins and patch sign-up Under Step1: your IRTC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your IRTC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php
Log in on the web page Subscriber's choice for Business: sign-in. On the Web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number: GN = HP General SW, MA = HP Management Agents, MI = Misc. 3rd party SW, MP = HP MPE/iX, NS = HP NonStop Servers, OV = HP OpenVMS, PI = HP Printing & Imaging, ST = HP Storage SW, TL = HP Trusted Linux, TU = HP Tru64 UNIX, UX = HP-UX, VV = HP Virtual Vault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
(c)Copyright 2005 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP nor its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBQtJVE+AfOvwtKn1ZEQKwPwCeLKNxE1048xGZniru4epJ6YAqYIcAn2+Y fjKXZ3hbnTeQeIn9Kk9ePC1d =cFE+ -----END PGP SIGNATURE-----
. HP Tru64 UNIX 5.1B-3 HP Tru64 UNIX 5.1B-2/PK4 HP Tru64 UNIX 5.1A PK HP Tru64 UNIX 4.0G PK4 HP Tru64 UNIX 4.0F PK8
BACKGROUND:
Special Instructions for the Customer
The Internet Control Message Protocol (ICMP) (RFC 792) is used in the Internet Architecture to perform fault-isolation and recovery (RFC816), which is the group of actions that hosts and routers take to determine if a network failure has occurred.
The industry standard TCP specification (RFC 793) has a vulnerability whereby ICMP packets can be used to perform a variety of attacks such as blind connection reset attacks and blind throughput-reduction attacks.
Path MTU Discovery (RFC 1191) describes a technique for dynamically discovering the MTU (maximum transmission unit) of an arbitrary internet path. This protocol uses ICMP packets from the router to discover the MTU for a TCP connection path.
HP has addressed these potential vulnerabilities by providing a new kernel tunable in Tru64 UNIX V5.1B and 5.1A, icmp_tcpseqcheck. In Tru64 4.0F and 4.0G, HP has introduced two new kernel tunables, icmp_tcpseqcheck and icmp_rejectcodemask. This behavior protects TCP against spoofed ICMP packets.
Set the tunable as follows:
icmp_tcpseqcheck=1 (default)
Provides a level of protection that reduces the possibility
of considering a spoofed ICMP packet as valid
to one in two raised to the thirty-second power.
icmp_tcpseqcheck=0
Retains existing behavior, i.e., accepts all ICMP packets
icmp_rejectcodemask
In the Requirements for IP Version 4 Routers (RFC 1812), research suggests that the use of ICMP Source Quench packets is an ineffective (and unfair) antidote for congestion. Thus, HP recommends completely ignoring ICMP Source Quench packets using the icmp_rejectcodemask tunable. The icmp_rejectcodemask is a bitmask that designates the ICMP codes that the system should reject. For example, to reject ICMP Source Quench packets, set the mask bit position for the ICMP_SOURCEQUENCH code 4, which is two to the 4th power = 16 (0x10 hex). The icmp_rejectcodemask tunable can be used to reject any ICMP packet type, or multiple masks can be combined to reject more than one type.
Note: the ICMP type codes are defined in "/usr/include/netinet/ip_icmp.h".
Set the tunable as follows:
icmp_rejectcodemask = 0x10
Rejects ICMP Source Quench packets
icmp_rejectcodemask = 0 (default)
Retains existing behavior, i.e., accepts all ICMP packets
Adjusting the variables
The ICMP sequence check variable (icmp_tcpseqcheck) can be adjusted using the sysconfig and sysconfigdb commands:
sysconfig -q inet icmp_tcpseqcheck
inet: icmp_tcpseqcheck = 1
sysconfig -r inet icmp_tcpseqcheck=0
icmp_tcpseqcheck: reconfigured
sysconfig -q inet icmp_tcpseqcheck
inet: icmp_tcpseqcheck = 0
sysconfig -q inet icmp_tcpseqcheck > /tmp/icmp_tcpseqcheck_merge
sysconfigdb -m -f /tmp/icmp_tcpseqcheck_merge inet
sysconfigdb -l inet
inet: icmp_tcpseqcheck = 1
Similarly, the icmp_rejectcodemask variable can be adjusted using the sysconfig and sysconfigdb commands:
sysconfig -q inet icmp_rejectcodemask
inet: icmp_rejectcodemask = 0
sysconfig -r inet icmp_rejectcodemask=0x10
icmp_rejectcodemask: reconfigured
sysconfig -q inet icmp_rejectcodemask
inet: icmp_rejectcodemask = 16
sysconfig -q inet icmp_rejectcodemask
/tmp/icmp_rejectcodemask_merge
sysconfigdb -m -f /tmp/icmp_rejectcodemask_merge inet
sysconfigdb -l inet
inet: icmp_rejectcodemask = 16
RESOLUTION:
Until the corrections are available in a mainstream release patch kit, HP is releasing the following Early Release Patch (ERP) kits publicly for use by any customer.
The ERP kits use dupatch to install and will not install over any installed Customer Specific Patches (CSPs) that have file intersections with the ERPs. Contact your service provider for assistance if the ERP installation is blocked by any of your installed CSPs.
The fixes contained in the ERP kits are scheduled to be available in the following mainstream patch kits:
HP Tru64 Unix 5.1B-4
Early Release Patches
The ERPs deliver the following file:
/sys/BINARY/inet.mod
HP Tru64 UNIX 5.1B-3 ERP Kit Name: T64KIT0025925-V51BB26-ES-20050628 Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do? patchid=T64KIT0025925-V51BB26-ES-20050628 MD5 checksum: 129251787a426320af16cd584b982027
HP Tru64 UNIX 5.1B-2/PK4 ERP Kit Name: T64KIT0025924-V51BB25-ES-20050628 Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do? patchid=T64KIT0025924-V51BB25-ES-20050628 MD5 checksum: 5fcc77a6876db6d10ef07ac96e11b3af
HP Tru64 UNIX 5.1A PK6 ERP Kit Name: T64KIT0025922-V51AB24-ES-20050628 Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do? patchid=T64KIT0025922-V51AB24-ES-20050628 MD5 checksum: 7c373b35c95945651a1cfda96bf71421
HP Tru64 UNIX 4.0G PK4 ERP Kit Name: T64KIT0025920-V40GB22-ES-20050628 Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do? patchid=T64KIT0025920-V40GB22-ES-20050628 MD5 checksum: 13849fd555239d75d300d1cb46dc995f
HP Tru64 UNIX 4.0F PK8 ERP Kit Name: DUXKIT0025921-V40FB22-ES-20050628 Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do? patchid=T64KIT0025920-V40GB22-ES-20050628 MD5 checksum: 743b614d39f185802701b7f2dd14ffa5
MD5 checksums are available from the ITRC patch database main page: http://www.itrc.hp.com/service/patch/mainPage.do - From the patch database main page, click Tru64 UNIX, then click verifying MD5 checksums under useful links.
Want a new IT Security job?
Vacant positions at Secunia: http://secunia.com/secunia_vacancies/
TITLE: Cisco Various Products ICMP Message Handling Denial of Service
SECUNIA ADVISORY ID: SA14904
VERIFY ADVISORY: http://secunia.com/advisories/14904/
CRITICAL: Less critical
IMPACT: DoS
WHERE:
From remote
OPERATING SYSTEM: Cisco Content Services Switch 11000 Series (WebNS) http://secunia.com/product/1507/ Cisco Global Site Selector (GSS) 4480 1.x http://secunia.com/product/2270/ Cisco IOS 10.x http://secunia.com/product/184/ Cisco IOS 11.x http://secunia.com/product/183/ Cisco IOS 12.x http://secunia.com/product/182/ Cisco IOS R11.x http://secunia.com/product/53/ Cisco IOS R12.x http://secunia.com/product/50/ Cisco IOS XR (CRS-1) 3.x http://secunia.com/product/4907/ Cisco ONS 15000 Series http://secunia.com/product/684/ Cisco PIX 6.x http://secunia.com/product/56/ Cisco SAN-OS 1.x (MDS 9000 Switches) http://secunia.com/product/3214/
DESCRIPTION: Fernando Gont has published an Internet-Draft describing how ICMP (Internet Control Message Protocol) can be exploited by malicious people to cause a DoS (Denial of Service). Cisco has acknowledged that various Cisco products are affected.
The published Internet-Draft details three types of attacks, which utilize the following ICMP messages to cause a negative impact on TCP connections either terminating or originating from a vulnerable device.
SOLUTION: See patch matrix in vendor advisory for information about fixes. http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml#software
PROVIDED AND/OR DISCOVERED BY: Fernando Gont
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml
NISCC: http://www.niscc.gov.uk/niscc/docs/al-20050412-00308.html
ICMP attacks against TCP: http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
OTHER REFERENCES: RFC1122 (Requirements for Internet Hosts -- Communication Layers): http://www.ietf.org/rfc/rfc1122.txt
RFC1191 (Path MTU Discovery): http://www.ietf.org/rfc/rfc1191.txt
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. The RFC recommends no security checking for in-bound ICMP messages, so long as a related connection exists, and may potentially allow several different Denials of Service.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2004-0790 to this issue.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2004-0791 to this issue.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2004-1060 to this issue. Vulnerable Supported Versions
System Binaries
----------------------------------------------------------------------
OpenServer 5.0.6 ip and tcp drivers
OpenServer 5.0.7 ip and tcp drivers
-
Solution
The proper solution is to install the latest packages. OpenServer 5.0.6
4.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.4
4.2 Verification
MD5 (VOL.000.000) = 03ed8e901780e1535c113efeba72d8cd
md5 is available for download from ftp://ftp.sco.com/pub/security/tools
4.3 Installing Fixed Binaries
The following packages should be installed on your system before you install this fix:
RS506A OSS646 ERG711746: ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt ERG712606: ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txtUpgrade the affected binaries with the following sequence:
1) Download the VOL* files to a directory.
2) Run the custom command, specify an install from media images, and specify the directory as the location of the images. OpenServer 5.0.7
5.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.4
5.2 Verification
MD5 (VOL.000.000) = 03ed8e901780e1535c113efeba72d8cd
md5 is available for download from ftp://ftp.sco.com/pub/security/tools
5.3 Installing Fixed Binaries
The following package should be installed on your system before you install this fix:
OSR507MP4 - OpenServer 5, Release 5.0.7 Maintenance Pack 4Upgrade the affected binaries with the following sequence:
1) Download the VOL* files to a directory.
2) Run the custom command, specify an install from media images, and specify the directory as the location of the images. References
Specific references for this advisory: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0790 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0791 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1060
SCO security resources: http://www.sco.com/support/security/index.html
SCO security advisories via email http://www.sco.com/support/forums/security.html
This security fix closes SCO incidents sr892503 fz530662 erg712759. Disclaimer
SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products. Acknowledgments
The SCO Group would like to thank Fernando Gont for reporting these issues. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) on an active TCP session
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200504-0003",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "solaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "10.0"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "5.8"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "5.7"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "9.0"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "nexland isb soho firewall appliance",
"scope": null,
"trust": 1.1,
"vendor": "symantec",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "7.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "redback",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "switchblade 5400s series",
"scope": null,
"trust": 0.8,
"vendor": "allied telesis",
"version": null
},
{
"model": "switchblade 7800s series",
"scope": null,
"trust": 0.8,
"vendor": "allied telesis",
"version": null
},
{
"model": "switchblade4000",
"scope": null,
"trust": 0.8,
"vendor": "allied telesis",
"version": null
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "centrecom 8624xl series"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "centrecom 8724sl series"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "centrecom 9606 series"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "centrecom 9800 series"
},
{
"model": "router",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar130"
},
{
"model": "router",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar160"
},
{
"model": "router",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar300v2"
},
{
"model": "router",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar300lv2"
},
{
"model": "router",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar320"
},
{
"model": "router",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar450s"
},
{
"model": "router",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar410v2"
},
{
"model": "router",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar720"
},
{
"model": "router",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar740"
},
{
"model": "ax5400s series",
"scope": null,
"trust": 0.8,
"vendor": "alaxala",
"version": null
},
{
"model": "ax7800r series",
"scope": null,
"trust": 0.8,
"vendor": "alaxala",
"version": null
},
{
"model": "ax7800s series",
"scope": null,
"trust": 0.8,
"vendor": "alaxala",
"version": null
},
{
"model": "seil/neu",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "atm firmware version 1.10 (pogo) ~ 1.39 (smith grind)"
},
{
"model": "seil/neu",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "ver. 1.x firmware version 1.52 (inkknot) ~ 1.93 (harness)"
},
{
"model": "seil/neu",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "ver. 2.x firmware version 2.00 (belay) ~ 2.27 (ridge)"
},
{
"model": "seil/plus",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "firmware version 1.00 (snappy) ~ 1.51 (swisssingle)"
},
{
"model": "seil/turbo",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "firmware version 1.00 (union) ~ 1.51 (riodell)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "content switching module",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "css 11000 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "content services switch"
},
{
"model": "css 11500 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "content services switch"
},
{
"model": "global site selector",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone 7900 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7940/7960 sip firmware"
},
{
"model": "mds 9000 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "mgx 8250 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "mgx 8850 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ws-x6608-e1",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ws-x6608-t1",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ws-x6624-fxs",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "nexland pro series firewall appliance",
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "firewall/vpn appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "100/200/200r"
},
{
"model": "gateway security 300 series",
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "gateway security 400 series",
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "gateway security 5300 series",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "v1.0"
},
{
"model": "gateway security 5400 series",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "v2.x"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "1.5 model 1100/1200/1300"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.04"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "windows 2000",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "98"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "98 scd"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "me"
},
{
"model": "windows server 2003",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "sp3"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "univerge ip8800/s,/r series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "gr2000",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "gr4000",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "gs3000",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "gs4000",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ip telephony pstn gateway",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "ip telephony telephone",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "ip-pbx ip mediaserve",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "ip-pbx ip pathfinder series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "pbx e-200 series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "pbx e-3000 series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "pbx es200 series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "pbx es3000 series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "voip gateway ew30ip",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "voip gateway geostreamsi-v series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "voip router lr-v series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "switch sb series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "switch sh series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "switch si-r series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "switch sr-s series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "switch sr series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "router geostream si-r series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "router netvehicle series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "ios 12.0 w5",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "8.0"
},
{
"model": "windows xp home sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios 12.3 t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tru64 b-2 pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "firebox",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "v100"
},
{
"model": "soho firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "5.0.31"
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.2"
},
{
"model": "ios 12.2yg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "hp-ux b.11.22",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ios 12.2yx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.5"
},
{
"model": "coat systems sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "4.1.1"
},
{
"model": "ios 12.2sz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.2"
},
{
"model": "windows server enterprise edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "ios 12.3yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "ios 12.2zh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "x64"
},
{
"model": "ios 12.2yr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "firebox ii",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "4.1"
},
{
"model": "ios 12.3xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "serverlock",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "2.0"
},
{
"model": "networks umts",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.3"
},
{
"model": "ios 12.1xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks application switch",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ios 12.0xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "serverlock",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "2.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12001.5"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.5"
},
{
"model": "ios 12.1da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "soho",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "2.2"
},
{
"model": "soho firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "5.0.29"
},
{
"model": "ios 12.3 yf2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 s8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server enterprise edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios 12.1xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks multiprotocol router family asn",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "soho firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "2.2.1"
},
{
"model": "hp-ux b.11.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ios 12.2zl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "coat systems sgos",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "3.2.5"
},
{
"model": "m-series router m40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "serverlock",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "2.0.4"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "networks multiprotocol router family anh",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "networks baystack switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "420/425/325"
},
{
"model": "ios 12.3xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "firebox",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "25004.5"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "windows server web edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios 12.2zk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "csm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.6"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "360"
},
{
"model": "ios 12.3ja",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.0"
},
{
"model": "windows server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.0wc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tru64 f pk8",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.0"
},
{
"model": "serverlock",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "2.0.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.3(110)"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "460"
},
{
"model": "gateway security 360r build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2.1300"
},
{
"model": "ios 12.2 da8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "firebox",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "45004.6"
},
{
"model": "networks preside mdm",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios 12.0xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tour",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "ios 12.1xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks multiprotocol router family pp2430",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ios 12.2cx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.4"
},
{
"model": "ios 12.1xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2by",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows advanced server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "53001.0"
},
{
"model": "ios 12.2b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp gold",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.4"
},
{
"model": "firebox",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "25004.6"
},
{
"model": "ios 12.2xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows datacenter server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "windriver",
"version": "4.3.1"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.9"
},
{
"model": "soho firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "5.0.35"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "m-series router m40e",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ios 12.3 yg1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "gateway security 360r build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2.1415"
},
{
"model": "windows professional",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "css11000 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks ethernet routing switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "8600"
},
{
"model": "ip phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7902"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.1"
},
{
"model": "ios 12.0xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(4)"
},
{
"model": "nexland pro800 firewall appliance",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "networks passport",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "7000"
},
{
"model": "networks baystack switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5510/5520"
},
{
"model": "ios 12.1ec",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "networks wlan access point",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "7220.0"
},
{
"model": "ios 12.1xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "firebox",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "v10"
},
{
"model": "ios 12.1xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ze",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2cy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp home sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks shasta router",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ios 12.2sxa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp 64-bit edition version sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios 12.2ey",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios 12.2 s13",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "6.0"
},
{
"model": "ios 12.2dd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nexland pro800turbo firewall appliance",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "windows xp 64-bit edition version",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios 12.0st",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.5"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.6"
},
{
"model": "ios 12.2sxb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "ios 12.2xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0w5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "coat systems sgos",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "4.1.2"
},
{
"model": "networks gsm",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ios 12.1xp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fireboxii",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "4.0"
},
{
"model": "ios 12.2xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows advanced server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "nexland pro100 firewall appliance",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "firewall/vpn appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "200"
},
{
"model": "windows xp tablet pc edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios 12.2yy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11001.5"
},
{
"model": "ios 12.2xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fireboxii",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "4.5"
},
{
"model": "ios 12.3xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks optera",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "ios 12.1yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fireboxii",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "4.2"
},
{
"model": "soho firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "1.6"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6608"
},
{
"model": "ios 12.2 seb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "firewall/vpn appliance 200r",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "windows server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.2s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2so",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "firebox ii",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "4.5"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.10"
},
{
"model": "windows server standard edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows xp media center edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "ios 12.2yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "ios 12.2 t15",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.2"
},
{
"model": "serverlock",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "2.0.1"
},
{
"model": "fireboxii",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "4.4"
},
{
"model": "firebox",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "v80"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.3"
},
{
"model": "ios 12.2 s3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "firebox .b1140",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "6.0"
},
{
"model": "fireboxii",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1xv"
},
{
"model": "ios 12.1ev",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2jk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "soho firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "5.0.28"
},
{
"model": "windows datacenter server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.0xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(3)"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(13)"
},
{
"model": "ios 12.2xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows advanced server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3"
},
{
"model": "ios 12.2bc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks optivity network management system",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(1)"
},
{
"model": "ios 12.0xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "13001.5"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.3"
},
{
"model": "ios 12.1xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "firebox",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "v60"
},
{
"model": "soho firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "2.1.3"
},
{
"model": "windows professional sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "netcache c630",
"scope": "eq",
"trust": 0.3,
"vendor": "netappliance",
"version": "3.3.1"
},
{
"model": "ios 12.1yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise firewall solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.5"
},
{
"model": "ios 12.1ea",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.0"
},
{
"model": "networks ax7800r",
"scope": null,
"trust": 0.3,
"vendor": "alaxala",
"version": null
},
{
"model": "firebox",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "45004.5"
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.8"
},
{
"model": "ios 12.3xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server web edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows professional sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "tru64 a pk",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.1"
},
{
"model": "networks bayrs",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.3yq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "coat systems sgme",
"scope": null,
"trust": 0.3,
"vendor": "blue",
"version": null
},
{
"model": "ios 12.2 ew3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.2"
},
{
"model": "coat systems spyware interceptor",
"scope": null,
"trust": 0.3,
"vendor": "blue",
"version": null
},
{
"model": "ios 12.2yk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2dx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3(3.33)"
},
{
"model": "ios 12.3xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0sp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nexland pro400 firewall appliance",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "ios 12.2 eu",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.1"
},
{
"model": "ios 12.1ex",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.6"
},
{
"model": "ios 12.3xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx pxm1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8850-1.2.11"
},
{
"model": "ios 12.0xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7920"
},
{
"model": "ios 12.2xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(1)"
},
{
"model": "ios 12.2ye",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.10"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.5"
},
{
"model": "ios 12.3xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6608"
},
{
"model": "networks multiprotocol router family bcn",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(2)"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.7"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(28)"
},
{
"model": "ios 12.2yv",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "windriver",
"version": "4.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0"
},
{
"model": "m-series router m160",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7970"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(3.109)"
},
{
"model": "enterprise firewall nt/2000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "windows xp tablet pc edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server enterprise edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios 12.2eu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "coat systems sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.2.4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "fireboxii",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "4.3"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.7"
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.3"
},
{
"model": "ios 12.1eb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4200"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.12"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "54002.0.1"
},
{
"model": "networks ax7800s",
"scope": null,
"trust": 0.3,
"vendor": "alaxala",
"version": null
},
{
"model": "ios 12.3bw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xi3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "ios 12.3yg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ewa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2za",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks univity bssm",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ios 12.2 ya9",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 bc2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ja",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "networks passport",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "15000"
},
{
"model": "ios 12.2zc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "54002.0"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6624"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "networks vpn router",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.2"
},
{
"model": "windows xp tablet pc edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios 12.1e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(2)"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.4"
},
{
"model": "ios 12.0xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1az",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(3.100)"
},
{
"model": "ios 12.2da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks multiprotocol router family arn",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ios 12.2xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.3"
},
{
"model": "windows datacenter server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "firewall/vpn appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "100"
},
{
"model": "windows datacenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.1dc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp professional sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios 12.0sl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "t-series router t640",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ios 12.2 ey",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.1"
},
{
"model": "networks passport",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "6000"
},
{
"model": "ios 12.2xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "ios 12.1eu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "networks baystack bps2000/460/470 switch",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ios 12.2zn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ewa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.3(133)"
},
{
"model": "ios 12.1yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.11"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3"
},
{
"model": "ios 12.2sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0sz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7960"
},
{
"model": "ios 12.3xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks multiprotocol router family bln",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ios 12.0sc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.12"
},
{
"model": "networks baystack 380-24t switch",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ios 12.1ey",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2su",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2"
},
{
"model": "ios 12.3 xy4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows datacenter server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.2ew",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(3.102)"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.3"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90002.0(0.86)"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "ios 12.3 yq",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.2.111"
},
{
"model": "ios 12.3 yk1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2se",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks ethernet routing switch passport",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "8300"
},
{
"model": "networks aos",
"scope": null,
"trust": 0.3,
"vendor": "redback",
"version": null
},
{
"model": "ios 12.1eo",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows professional sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.3xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.11"
},
{
"model": "networks alteon switched firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5100"
},
{
"model": "enterprise firewall solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "320"
},
{
"model": "ios 12.1xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ip phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7905"
},
{
"model": "fireboxii",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "4.6"
},
{
"model": "tour",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.6"
},
{
"model": "ios 12.2xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sxd4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "m-series router m10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "windriver",
"version": "5.0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.4"
},
{
"model": "networks multiprotocol router family an",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.7"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7940"
},
{
"model": "ios 12.2yo",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.4"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "440"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15305"
},
{
"model": "ios 12.2zj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ex",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "firebox",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "5.0"
},
{
"model": "windows xp media center edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios 12.2yl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ew",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 ja",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise firewall solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(5)"
},
{
"model": "ios 12.1ax",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server datacenter edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "ios 12.2yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sv",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(1)"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(27)"
},
{
"model": "coat systems sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.1.11"
},
{
"model": "coat systems cacheos",
"scope": null,
"trust": 0.3,
"vendor": "blue",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.3"
},
{
"model": "ios 12.2 bc2f",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ye",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.11"
},
{
"model": "ios 12.3 yi",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.2"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.3"
},
{
"model": "ios 12.3xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks ax5400s",
"scope": null,
"trust": 0.3,
"vendor": "alaxala",
"version": null
},
{
"model": "ios 12.3 t4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ym",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "gateway security 460r",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "networks multiprotocol router family pp5430",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "t-series router t320",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ios 12.0t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "ios 12.2xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise firewall nt/2000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "networks passport",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "20000"
},
{
"model": "gateway security 360r",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(6)"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.2"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios 12.2cz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "local director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sxd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8850"
},
{
"model": "ios 12.2xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10"
},
{
"model": "ios 12.2yq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yn",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tru64 g pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.0"
},
{
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "m-series router m20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ios 12.0xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp media center edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows professional sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.2 sxb7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3bc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "ios 12.2 s7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "m-series router m5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ios 12.3ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.9"
},
{
"model": "windows xp professional sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "enterprise firewall nt/2000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3xx"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0xv"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "ios 12.2xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.0"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "53101.0"
},
{
"model": "ios 12.2zb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.1"
},
{
"model": "windows server datacenter edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.1"
},
{
"model": "ios 12.3 t7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15302"
},
{
"model": "ios 12.0dc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks passport",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1100/1150/1200/1250"
},
{
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.2yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks wlan access point",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "7250.0"
},
{
"model": "mgx pxm1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8850-1.2.10"
},
{
"model": "windows server datacenter edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(12)"
},
{
"model": "networks multiservice access switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "4400"
},
{
"model": "ios 12.0sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#415294"
},
{
"db": "BID",
"id": "13124"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000244"
},
{
"db": "NVD",
"id": "CVE-2004-0791"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-030"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0791"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fernando Gont",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200504-030"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0791",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2004-0791",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0791",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#415294",
"trust": 0.8,
"value": "12.90"
},
{
"author": "CNNVD",
"id": "CNNVD-200504-030",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#415294"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000244"
},
{
"db": "NVD",
"id": "CVE-2004-0791"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-030"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the \"ICMP Source Quench attack.\" NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. A vulnerability exists in the reliance of the Border Gateway Protocol (BGP) on the Transmission Control Protocol (TCP) to maintain persistent sessions. Sustained exploitation of this vulnerability could lead to a denial-of-service condition affecting a large segment of the Internet community. Normal operations would most likely resume shortly after the attack stopped. In multiple vendor products TCP The implementation of ICMP Included in error message IP Address and TCP There is a flaw that only validates the port and does not check that the sequence number is in the proper range. This ICMP source quench Established by processing error messages TCP There is a vulnerability that reduces connection throughput. The vulnerability is ICMP Vulnerabilities resulting from message processing (CVE-2004-0790, CVE-2004-0791, CVE-2004-1060) Out of CVE-2004-0791 Vulnerability published as. TCP Due to vulnerabilities that affect implementation, a wide range of products are affected by these vulnerabilities. For more information, NISCC-532967 (JVN) , NISCC Advisory 532967/NISCC/ICMP (CPNI Advisory 00303) Please check also.Intentionally created fraud ICMP By processing error messages TCP Connection is reset, resulting in service disruption (DoS) It can cause a condition. Multiple vendor implementations of TCP/IP Internet Control Message Protocol (ICMP) are reported prone to several denial-of-service attacks. \nICMP is employed by network nodes to determine certain automatic actions to take based on network failures reported by an ICMP message. \nReportedly, the RFC doesn\u0027t recommend security checks for ICMP error messages. As long as an ICMP message contains a valid source and destination IP address and port pair, it will be accepted for an associated connection. \nThe following individual attacks are reported:\n- A blind connection-reset attack. This attack takes advantage of the specification that describes that on receiving a \u0027hard\u0027 ICMP error, the corresponding connection should be aborted. The Mitre ID CAN-2004-0790 is assigned to this issue. \nA remote attacker may exploit this issue to terminate target TCP connections and deny service for legitimate users. \n- An ICMP Source Quench attack. The Mitre ID CAN-2004-0791 is assigned to this issue. \nA remote attacker may exploit this issue to degrade the performance of TCP connections and partially deny service for legitimate users. \n- An attack against ICMP PMTUD is reported to affect multiple vendors when they are configured to employ PMTUD. By sending a suitable forged ICMP message to a target host, an attacker may reduce the MTU for a given connection. The Mitre ID CAN-2004-1060 is assigned to this issue. \nA remote attacker may exploit this issue to degrade the performance of TCP connections and partially deny service for legitimate users. \n**Update: Microsoft platforms are also reported prone to these issues. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nHP SECURITY BULLETIN\n\nHPSBUX01164 REVISION: 4\n\nSSRT4884 rev.4 - HP-UX TCP/IP Remote Denial of Service (DoS)\n\nNOTICE:\nThere are no restrictions for distribution of this Security\nBulletin provided that it remains complete and intact. \n\nThe information in this Security Bulletin should be acted upon\n as soon as possible. \n\nINITIAL RELEASE:\n10 July 2005\n\nPOTENTIAL SECURITY IMPACT:\nRemote Denial of Service (DoS)\n\nSOURCE:\nHewlett-Packard Company\nHP Software Security Response Team\n\nVULNERABILITY SUMMARY:\nA potential security vulnerability has been identified with HP-UX\nrunning TCP/IP. This vulnerability could be remotely exploited by\nan unauthorized user to cause a Denial of Service(DoS). \n\nREFERENCES:\nNISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.00, B.11.04, B.11.11, B.11.22, B.11.23 running TCP/IP. \nHP-UX B.11.11 and B.11.23 running TOUR (Transport Optional Upgrade\nRelease). \n\nBACKGROUND:\n\n AFFECTED VERSIONS\n\n HP-UX B.11.22\n HP-UX B.11.00\n =============\n Networking.NET2-KRN\n action: set ip_pmtu_strategy= 0 and either install binary\n files or filter ICMP\n\n HP-UX B.11.11\n =============\n Networking.NET2-KRN\n action: set ip_pmtu_strategy= 0 and install PHNE_33159\n\n HP-UX B.11.23\n =============\n Networking.NET2-KRN\n -\u003eaction: set ip_pmtu_strategy= 0 and install PHNE_32606\n\n HP-UX B.11.11\n HP-UX B.11.23\n =============\n TOUR_PRODUCT.T-NET2-KRN\n action: set ip_pmtu_strategy= 0 and filter ICMP\n\n\n HP-UX B.11.04\n =============\n Networking.NET2-KRN\n action: set ip_pmtu_strategy= 0 and filter ICMP\n\n END AFFECTED VERSIONS\n\n\n Note: The latest TOUR (Transport Optional Upgrade Release),\n version 2.4, is available on B.11.11 only. The latest\n Transport Functionality is available to B.11.23 customers\n in the HP-UX 11i v2 September 2004 release. Customers\n using TOUR on B.11.23 can apply the workaround (set\n ip_pmtu_strategy= 0 and filter ICMP) or upgrade to the\n HP-UX 11i v2 September 2004 release. After upgrading the\n action for B.11.23 Networking.NET2-KRN listed above should\n be implemented. \n\n\u003chttp://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html?\nlang=en\u003e\n\nThere are three issues reported in NISCC VU#532967:\n\n CVE number: CAN-2004-0790\n \u003chttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0790\u003e\n CVE number: CAN-2004-0791\n \u003chttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0791\u003e\n CVE number: CAN-2004-1060\n \u003chttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1060\u003e\n\nWorkarounds are available for all three of these issues. \n\nUntil binary files are available for B.11.04 the workarounds\nshould be used. \n\n\n -\u003eBinary files are available for CAN-2004-0790 and CAN-2004-0791\nfor HP-UX B.11.00 and B.11.22. \n\nSince PHNE_33159 is now available for B.11.11 the preliminary\nbinary files for B.11.11 have been removed from the ftp site. \n\n -\u003eSince PHNE_32606 is now available for B.11.23 the preliminary\nbinary files for B.11.23 have been removed from the ftp site. \n\n\nNote: If the TOUR (Transport Optional Upgrade Release) product is\n installed the binary files cannot be used. \n\nUntil the TOUR product is revised there are several options:\n\n B.11.11\n 1. Use the workarounds. \n or\n 2. Remove TOUR and install the binary files. \n\n B.11.23\n 1. Use the workarounds. \n or\n 2. Upgrade to the HP-UX 11i v2 September 2004 release\n and install the binary files. \n\nTOUR(Transport Optional Upgrade Release) is available from\n\u003chttp://www.hp.com/go/softwaredepot\u003e. \n\n\nWorkaround for CAN-2004-1060 may not be necessary. \n===================================\nAlthough changes in the binary files and patches for CAN-2004-0790\nand CAN-2004-0791 do not prevent the exploit of CAN-2004-1060,\nthey do make it less likely to succeed. The sequence number check\nsuggested in section 5.1 of \u003chttp://www.ietf.org/internet-drafts/\ndraft-gont-tcpm-icmp-attacks-03.txt\u003e has been implemented. \nCustomers should consider whether this check reduces the risk of\nthe exploit to the point that setting ip_pmtu_strategy=0 is not\nrequired. \n\nIf the workaround for CAN-2004-1060 is to be used, please note\nthe following:\n=================================================\nHPSBUX01137 recommends setting ip_pmtu_strategy = 0 or 3 as a\nworkaround for the problem of CAN-2005-1192. CAN-2004-1060 has a\ndifferent root cause and cannot be worked around with\np_pmtu_strategy=3. To work around both CAN-2005-1192 and\nCAN-2004-1060 ip_pmtu_strategy=0 must be used. \n\nPlease refer to the Manual Actions section below for a summary of\nthe required actions. \n\nWorkarounds:\n\n CAN-2004-0790 and CAN-2004-0791\n\n Filter out the following ICMP messages:\n\n Type 3, Code 2 (Destination Unreachable, Protocol Unreachable)\n Type 3, Code 3 (Destination Unreachable, Port Unreachable)\n Type 4, Code 0 (Source Quench)\n\n CAN-2004-1060\n\n Set ip_pmtu_strategy=0. \n\nNote: Filtering \"Protocol Unreachable\" and \"Port Unreachable\"\n should not be done without careful testing. Filtering these\n out may interfere with the correct functioning of network\n components. \n Filtering \"Source Quench\" should present little risk. \n\n\nSetting ip_pmtu_strategy=0\n==================\nEdit /etc/rc.config.d/nddconf to add the following:\n\nTRANSPORT_NAME[n]=ip\nNDD_NAME[n]=ip_pmtu_strategy\nNDD_VALUE[n]=0\n\nwhere \u0027n\u0027 is the next available index value as described in the\nnddconf comments. \n\nThis value will take effect when the system is rebooted. \nUntil the system can be rebooted use the following command\nto read the /etc/rc.config.d/nddconf file and set the tunable\nparameters:\n\n /usr/bin/ndd -c\n\nThe ip_pmtu_strategy parameter can be displayed by the\nfollowing command:\n\n /usr/bin/ndd -get /dev/ip ip_pmtu_strategy\n\nNote: Since open connections will remain potentially vulnerable\n until they are closed and certain internal data structures\n are released it is recommended that the system be rebooted. \n\nNote: There is a defect that will cause \"ndd -c\" to fail if there\n are more than 10 directives in /etc/rc.config.d/nddconf. \n That defect is fixed in the following patches:\n\n B.11.11 - PHNE_25644 or subsequent\n B.11.04 - PHNE_26076 or subsequent\n B.11.00 - PHNE_26125 or subsequent\n\n\nPreliminary binary files\n==============\n\n -\u003ePreliminary binary files are available for B.11.00 and B.11.22. \nPatches are available for B.11.11 and B.11.23. The patches and\nthe preliminary binary files address CAN-2004-0790 and\nCAN-2004-0791 only. Although changes in the patches and binary\nfiles for CAN-2004-0790 and CAN-2004-0791 do not prevent the\nexploit of CAN-2004-1060, they do make it less likely to succeed. \n\nInstructions for downloading and installing the binary files are\ncontained in readme files available here:\n\n System: hprc.external.hp.com (192.170.19.51)\n Login: icmp\n Password: icmp\n\n FTP Access:\n ftp://icmp:icmp@hprc.external.hp.com/\n or: ftp://icmp:icmp@192.170.19.51/\n Note: The links above may not work for all browsers. If the\n link fails the url should be entered directly into the\n browser\u0027s address field. \n\nSince a patch is available for B.11.11 the readme.11.11.txt and\ncorresponding binary files have been removed from the ftp site. \n\n -\u003eSince a patch is available for B.11.23 the readme.11.23.txt and\ncorresponding binary files have been removed from the ftp site. \n\n\nDownload the appropriate readme file containing further\ninstructions:\n\n readme.11.00.txt\n readme.11.22.txt\n\nVerify the cksum or md5sum:\n\n -\u003eNote: The readme files have not changed since rev.1 of this\n Security Bulletin. \n\n cksum readme*\n 2844254744 2546 readme.11.00.txt\n 2836317466 2469 readme.11.22.txt\n\n md5sum readme*\n d28504f8532192de6a4f33bba4ea90ec readme.11.00.txt\n cafbb24f3dc7131501142f75deaeccbd readme.11.22.txt\n\nDownload and install the binary files as discussed in the readme\nfiles. The binary files are available in the same directory as\nthe readme files. \n\nFor B.11.11 download and install PHNE_33159. The patch is\navailable from \u003c http://itrc.hp.com\u003e. \n\n -\u003eFor B.11.23 download and install PHNE_32606. The patch is\navailable from \u003c http://itrc.hp.com\u003e. \n\n\n\nMANUAL ACTIONS: Yes - NonUpdate\n1. Set ip_pmtu_strategy=0\n\n2. EITHER\n a. Filter out the following ICMP messages:\n\n Type 3, Code 2 (Destination Unreachable, Protocol Unreachable)\n Type 3, Code 3 (Destination Unreachable, Port Unreachable)\n Type 4, Code 0 (Source Quench)\n\n OR\n\n b. Install the appropriate binary file or patch (binary file\n not available for B.11.04). \n\nBULLETIN REVISION HISTORY:\nRevision 0: 25 May 2005\n Initial release\n\nRevision 1: 1 June 2005\n Binary files for B.11.00 and B.11.22 are available. \n Added information about CAN-2004-1060. \n The \"set ip_pmtu_strategy=0\" workaround is required even if\n binary files are installed. \n Removed IPSec information. \n\nRevision 2: 19 June 2005\n TOUR (Transport Optional Upgrade Release) on B.11.11 and B.11.23\n is potentially vulnerable. \n Added a description of the sequence number check implemented in\n the binary files. \n\nRevision 3: 27 June 2005\n PHNE_33159 is available for B.11.11. The B.11.11 binary files\n have been removed from the ftp site. \n\nRevision 4: 10 July 2005\n PHNE_32606 is available for B.11.23. The B.11.23 binary files\n have been removed from the ftp site. \n\n\n\nHP-UX SPECIFIC SECURITY BULLETINS*: Security Patch Check revision\nB.02.00 analyzes all HP-issued Security Bulletins to provide a\nsubset of recommended actions that potentially affect a specific\nHP-UX system. \n\nFor more information:\nhttp://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/\ndisplayProductInfo.pl?productNumber=B6834AA\n\n\nSUPPORT: For further information, contact normal HP Services\nsupport channel. \n\nREPORT: To report a potential security vulnerability with any HP\nsupported product, send Email to: security-alert@hp.com. It is\nstrongly recommended that security related information being\ncommunicated to HP be encrypted using PGP, especially exploit\ninformation. To obtain the security-alert PGP key please send an\ne-mail message to security-alert@hp.com with the Subject of\n\u0027get key\u0027 (no quotes). \n\nSUBSCRIBE: To initiate a subscription to receive future HP\nSecurity Bulletins via Email:\n\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026\nlangcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\n\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your IRTC security bulletins and patches\n - check ALL categories for which alerts are required and\n continue. \nUnder Step2: your IRTC operating systems\n - verify your operating system selections are checked and\n save. \n\nTo update an existing subscription:\nhttp://h30046.www3.hp.com/subSignIn.php\n\nLog in on the web page\n Subscriber\u0027s choice for Business: sign-in. \nOn the Web page:\n Subscriber\u0027s Choice: your profile summary\n - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit:\nhttp://itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\n relates to is represented by the 5th and 6th characters of the\n Bulletin number:\n GN = HP General SW,\n MA = HP Management Agents,\n MI = Misc. 3rd party SW,\n MP = HP MPE/iX,\n NS = HP NonStop Servers,\n OV = HP OpenVMS,\n PI = HP Printing \u0026 Imaging,\n ST = HP Storage SW,\n TL = HP Trusted Linux,\n TU = HP Tru64 UNIX,\n UX = HP-UX,\n VV = HP Virtual Vault\n\nSystem management and security procedures must be reviewed\nfrequently to maintain system integrity. HP is continually\nreviewing and enhancing the security features of software products\nto provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to\nbring to the attention of users of the affected HP products the\nimportant security information contained in this Bulletin. HP\nrecommends that all users determine the applicability of this\ninformation to their individual situations and take appropriate\naction. HP does not warrant that this information is necessarily\naccurate or complete for all user situations and, consequently, HP\nwill not be responsible for any damages resulting from user\u0027s use\nor disregard of the information provided in this Bulletin. To the\nextent permitted by law, HP disclaims all warranties, either\nexpress or implied, including the warranties of merchantability\nand fitness for a particular purpose, title and non-infringement.\"\n\n\n(c)Copyright 2005 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or\neditorial errors or omissions contained herein. The information\nprovided is provided \"as is\" without warranty of any kind. To the\nextent permitted by law, neither HP nor its affiliates,\nsubcontractors or suppliers will be liable for incidental, special\nor consequential damages including downtime cost; lost profits;\ndamages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. \nThe information in this document is subject to change without\nnotice. Hewlett-Packard Company and the names of Hewlett-Packard\nproducts referenced herein are trademarks of Hewlett-Packard\nCompany in the United States and other countries. Other product\nand company names mentioned herein may be trademarks of their\nrespective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBQtJVE+AfOvwtKn1ZEQKwPwCeLKNxE1048xGZniru4epJ6YAqYIcAn2+Y\nfjKXZ3hbnTeQeIn9Kk9ePC1d\n=cFE+\n-----END PGP SIGNATURE-----\n\n. \nHP Tru64 UNIX 5.1B-3\nHP Tru64 UNIX 5.1B-2/PK4\nHP Tru64 UNIX 5.1A PK\nHP Tru64 UNIX 4.0G PK4\nHP Tru64 UNIX 4.0F PK8\n\nBACKGROUND:\n\nSpecial Instructions for the Customer\n\nThe Internet Control Message Protocol (ICMP) (RFC 792) is used in\nthe Internet Architecture to perform fault-isolation and recovery\n(RFC816), which is the group of actions that hosts and routers\ntake to determine if a network failure has occurred. \n\nThe industry standard TCP specification (RFC 793) has a\nvulnerability whereby ICMP packets can be used to perform a\nvariety of attacks such as blind connection reset attacks and\nblind throughput-reduction attacks. \n\nPath MTU Discovery (RFC 1191) describes a technique for\ndynamically discovering the MTU (maximum transmission unit) of an\narbitrary internet path. This protocol uses ICMP packets from\nthe router to discover the MTU for a TCP connection path. \n\nHP has addressed these potential vulnerabilities by providing a\nnew kernel tunable in Tru64 UNIX V5.1B and 5.1A,\nicmp_tcpseqcheck. In Tru64 4.0F and 4.0G, HP has introduced two\nnew kernel tunables, icmp_tcpseqcheck and icmp_rejectcodemask. This behavior protects TCP\nagainst spoofed ICMP packets. \n\nSet the tunable as follows:\n\n icmp_tcpseqcheck=1 (default)\n\n Provides a level of protection that reduces the possibility\n of considering a spoofed ICMP packet as valid\n to one in two raised to the thirty-second power. \n\n icmp_tcpseqcheck=0\n\n Retains existing behavior, i.e., accepts all ICMP packets\n\nicmp_rejectcodemask\n\nIn the Requirements for IP Version 4 Routers (RFC 1812), research\nsuggests that the use of ICMP Source Quench packets is an\nineffective (and unfair) antidote for congestion. Thus, HP\nrecommends completely ignoring ICMP Source Quench packets using\nthe icmp_rejectcodemask tunable. The icmp_rejectcodemask is a\nbitmask that designates the ICMP codes that the system should\nreject. For example, to reject ICMP Source Quench packets,\nset the mask bit position for the ICMP_SOURCEQUENCH code 4,\nwhich is two to the 4th power = 16 (0x10 hex). \nThe icmp_rejectcodemask tunable can be used to reject any\nICMP packet type, or multiple masks can be combined to reject\nmore than one type. \n\nNote: the ICMP type codes are defined in\n \"/usr/include/netinet/ip_icmp.h\". \n\n Set the tunable as follows:\n\n icmp_rejectcodemask = 0x10\n\n Rejects ICMP Source Quench packets\n\n icmp_rejectcodemask = 0 (default)\n\n Retains existing behavior, i.e., accepts all ICMP packets\n\nAdjusting the variables\n\nThe ICMP sequence check variable (icmp_tcpseqcheck) can be\nadjusted using the sysconfig and sysconfigdb commands:\n\n# sysconfig -q inet icmp_tcpseqcheck\ninet:\nicmp_tcpseqcheck = 1\n# sysconfig -r inet icmp_tcpseqcheck=0\nicmp_tcpseqcheck: reconfigured\n# sysconfig -q inet icmp_tcpseqcheck\ninet:\nicmp_tcpseqcheck = 0\n# sysconfig -q inet icmp_tcpseqcheck \u003e /tmp/icmp_tcpseqcheck_merge\n# sysconfigdb -m -f /tmp/icmp_tcpseqcheck_merge inet\n# sysconfigdb -l inet\n\ninet:\n icmp_tcpseqcheck = 1\n\nSimilarly, the icmp_rejectcodemask variable can be adjusted using\nthe sysconfig and sysconfigdb commands:\n\n# sysconfig -q inet icmp_rejectcodemask\ninet:\nicmp_rejectcodemask = 0\n# sysconfig -r inet icmp_rejectcodemask=0x10\nicmp_rejectcodemask: reconfigured\n# sysconfig -q inet icmp_rejectcodemask\ninet:\nicmp_rejectcodemask = 16\n# sysconfig -q inet icmp_rejectcodemask\n \u003e /tmp/icmp_rejectcodemask_merge\n# sysconfigdb -m -f /tmp/icmp_rejectcodemask_merge inet\n# sysconfigdb -l inet\n\ninet:\n icmp_rejectcodemask = 16\n\nRESOLUTION:\n\nUntil the corrections are available in a mainstream\nrelease patch kit, HP is releasing the following Early Release\nPatch (ERP) kits publicly for use by any customer. \n\nThe ERP kits use dupatch to install and will not install over\nany installed Customer Specific Patches (CSPs) that have file\nintersections with the ERPs. Contact your service provider for\nassistance if the ERP installation is blocked by any of your\ninstalled CSPs. \n\nThe fixes contained in the ERP kits are scheduled to be\navailable in the following mainstream patch kits:\n\n HP Tru64 Unix 5.1B-4\n\nEarly Release Patches\n\nThe ERPs deliver the following file:\n\n/sys/BINARY/inet.mod\n\nHP Tru64 UNIX 5.1B-3 ERP Kit Name:\n T64KIT0025925-V51BB26-ES-20050628\nKit Location:\n http://www.itrc.hp.com/service/patch/patchDetail.do?\n patchid=T64KIT0025925-V51BB26-ES-20050628\nMD5 checksum: 129251787a426320af16cd584b982027\n\nHP Tru64 UNIX 5.1B-2/PK4 ERP Kit Name:\n T64KIT0025924-V51BB25-ES-20050628\nKit Location:\n http://www.itrc.hp.com/service/patch/patchDetail.do?\n patchid=T64KIT0025924-V51BB25-ES-20050628\nMD5 checksum: 5fcc77a6876db6d10ef07ac96e11b3af\n\nHP Tru64 UNIX 5.1A PK6 ERP Kit Name:\n T64KIT0025922-V51AB24-ES-20050628\nKit Location:\n http://www.itrc.hp.com/service/patch/patchDetail.do?\n patchid=T64KIT0025922-V51AB24-ES-20050628\nMD5 checksum: 7c373b35c95945651a1cfda96bf71421\n\nHP Tru64 UNIX 4.0G PK4 ERP Kit Name:\n T64KIT0025920-V40GB22-ES-20050628\nKit Location:\n http://www.itrc.hp.com/service/patch/patchDetail.do?\n patchid=T64KIT0025920-V40GB22-ES-20050628\nMD5 checksum: 13849fd555239d75d300d1cb46dc995f\n\nHP Tru64 UNIX 4.0F PK8 ERP Kit Name:\n DUXKIT0025921-V40FB22-ES-20050628\nKit Location:\n http://www.itrc.hp.com/service/patch/patchDetail.do?\n patchid=T64KIT0025920-V40GB22-ES-20050628\nMD5 checksum: 743b614d39f185802701b7f2dd14ffa5\n\nMD5 checksums are available from the ITRC patch database main\npage:\n http://www.itrc.hp.com/service/patch/mainPage.do\n- From the patch database main page, click Tru64 UNIX,\nthen click verifying MD5 checksums under useful links. \n----------------------------------------------------------------------\n\nWant a new IT Security job?\n\nVacant positions at Secunia:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Various Products ICMP Message Handling Denial of Service\n\nSECUNIA ADVISORY ID:\nSA14904\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/14904/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nCisco Content Services Switch 11000 Series (WebNS)\nhttp://secunia.com/product/1507/\nCisco Global Site Selector (GSS) 4480 1.x\nhttp://secunia.com/product/2270/\nCisco IOS 10.x\nhttp://secunia.com/product/184/\nCisco IOS 11.x\nhttp://secunia.com/product/183/\nCisco IOS 12.x\nhttp://secunia.com/product/182/\nCisco IOS R11.x\nhttp://secunia.com/product/53/\nCisco IOS R12.x\nhttp://secunia.com/product/50/\nCisco IOS XR (CRS-1) 3.x\nhttp://secunia.com/product/4907/\nCisco ONS 15000 Series\nhttp://secunia.com/product/684/\nCisco PIX 6.x\nhttp://secunia.com/product/56/\nCisco SAN-OS 1.x (MDS 9000 Switches)\nhttp://secunia.com/product/3214/\n\nDESCRIPTION:\nFernando Gont has published an Internet-Draft describing how ICMP\n(Internet Control Message Protocol) can be exploited by malicious\npeople to cause a DoS (Denial of Service). Cisco has acknowledged\nthat various Cisco products are affected. \n\nThe published Internet-Draft details three types of attacks, which\nutilize the following ICMP messages to cause a negative impact on TCP\nconnections either terminating or originating from a vulnerable\ndevice. \n\nSOLUTION:\nSee patch matrix in vendor advisory for information about fixes. \nhttp://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml#software\n\nPROVIDED AND/OR DISCOVERED BY:\nFernando Gont\n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml\n\nNISCC:\nhttp://www.niscc.gov.uk/niscc/docs/al-20050412-00308.html\n\nICMP attacks against TCP:\nhttp://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html\n\nOTHER REFERENCES:\nRFC1122 (Requirements for Internet Hosts -- Communication Layers):\nhttp://www.ietf.org/rfc/rfc1122.txt\n\nRFC1191 (Path MTU Discovery):\nhttp://www.ietf.org/rfc/rfc1191.txt\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n. The RFC recommends no security checking\n \tfor in-bound ICMP messages, so long as a related connection\n \texists, and may potentially allow several different Denials of\n \tService. \n\n \tThe Common Vulnerabilities and Exposures project (cve.mitre.org)\n \thas assigned the name CVE-2004-0790 to this issue. \n\n \tThe Common Vulnerabilities and Exposures project (cve.mitre.org)\n \thas assigned the name CVE-2004-0791 to this issue. \n\n \tThe Common Vulnerabilities and Exposures project (cve.mitre.org)\n \thas assigned the name CVE-2004-1060 to this issue. Vulnerable Supported Versions\n\n \tSystem\t\t\t\tBinaries\n \t----------------------------------------------------------------------\n \tOpenServer 5.0.6 \t\tip and tcp drivers\n \tOpenServer 5.0.7 \t\tip and tcp drivers\n\n\n3. Solution\n\n \tThe proper solution is to install the latest packages. OpenServer 5.0.6\n\n \t4.1 Location of Fixed Binaries\n\n \tftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.4\n\n\n \t4.2 Verification\n\n \tMD5 (VOL.000.000) = 03ed8e901780e1535c113efeba72d8cd\n\n \tmd5 is available for download from\n \t\tftp://ftp.sco.com/pub/security/tools\n\n\n \t4.3 Installing Fixed Binaries\n\n \tThe following packages should be installed on your system before\n \tyou install this fix:\n\n \t\tRS506A\n \t\tOSS646\n \t\tERG711746: ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt\n \t\tERG712606: ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt\n\n \tUpgrade the affected binaries with the following sequence:\n\n \t1) Download the VOL* files to a directory. \n\n \t2) Run the custom command, specify an install from media images,\n \t and specify the directory as the location of the images. OpenServer 5.0.7\n\n \t5.1 Location of Fixed Binaries\n\n \tftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.4\n\n\n \t5.2 Verification\n\n \tMD5 (VOL.000.000) = 03ed8e901780e1535c113efeba72d8cd\n\n \tmd5 is available for download from\n \t\tftp://ftp.sco.com/pub/security/tools\n\n\n \t5.3 Installing Fixed Binaries\n\n \tThe following package should be installed on your system before\n \tyou install this fix:\n\n \t\tOSR507MP4 - OpenServer 5, Release 5.0.7 Maintenance Pack 4\n\n \tUpgrade the affected binaries with the following sequence:\n\n \t1) Download the VOL* files to a directory. \n\n \t2) Run the custom command, specify an install from media images,\n \t and specify the directory as the location of the images. References\n\n \tSpecific references for this advisory:\n \t\thttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0790\n \t\thttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0791\n \t\thttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1060\n\n \tSCO security resources:\n \t\thttp://www.sco.com/support/security/index.html\n\n \tSCO security advisories via email\n \t\thttp://www.sco.com/support/forums/security.html\n\n \tThis security fix closes SCO incidents sr892503 fz530662\n \terg712759. Disclaimer\n\n \tSCO is not responsible for the misuse of any of the information\n \twe provide on this website and/or through our security\n \tadvisories. Our advisories are a service to our customers\n \tintended to promote secure installation and use of SCO\n \tproducts. Acknowledgments\n\n \tThe SCO Group would like to thank Fernando Gont for reporting\n \tthese issues. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. This fixes some\nvulnerabilities, which can be exploited by malicious people to cause\na DoS (Denial of Service) on an active TCP session",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0791"
},
{
"db": "CERT/CC",
"id": "VU#415294"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000244"
},
{
"db": "BID",
"id": "13124"
},
{
"db": "PACKETSTORM",
"id": "38779"
},
{
"db": "PACKETSTORM",
"id": "38762"
},
{
"db": "PACKETSTORM",
"id": "37143"
},
{
"db": "PACKETSTORM",
"id": "42808"
},
{
"db": "PACKETSTORM",
"id": "42811"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-0791",
"trust": 3.0
},
{
"db": "BID",
"id": "13124",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "18317",
"trust": 1.7
},
{
"db": "SREASON",
"id": "19",
"trust": 1.6
},
{
"db": "SREASON",
"id": "57",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#415294",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#222750",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "14904",
"trust": 0.9
},
{
"db": "OSVDB",
"id": "4030",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000244",
"trust": 0.8
},
{
"db": "REDHAT",
"id": "RHSA-2005:017",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2005:043",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2005:016",
"trust": 0.6
},
{
"db": "SCO",
"id": "SCOSA-2006.4",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "101658",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "57746",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:1112",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:184",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:688",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:726",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:596",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:464",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FLSA:157459-1",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FLSA:157459-2",
"trust": 0.6
},
{
"db": "HP",
"id": "HPSBUX01164",
"trust": 0.6
},
{
"db": "HP",
"id": "HPSBTU01210",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200504-030",
"trust": 0.6
},
{
"db": "USCERT",
"id": "TA04-111A",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "38779",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "38762",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37143",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "42808",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "42811",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#415294"
},
{
"db": "BID",
"id": "13124"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000244"
},
{
"db": "PACKETSTORM",
"id": "38779"
},
{
"db": "PACKETSTORM",
"id": "38762"
},
{
"db": "PACKETSTORM",
"id": "37143"
},
{
"db": "PACKETSTORM",
"id": "42808"
},
{
"db": "PACKETSTORM",
"id": "42811"
},
{
"db": "NVD",
"id": "CVE-2004-0791"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-030"
}
]
},
"id": "VAR-200504-0003",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.7148783
},
"last_update_date": "2023-12-18T11:41:35.498000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20050412-icmp",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml"
},
{
"title": "HPSBUX01164",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00576017"
},
{
"title": "HPSBUX01164",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux01164.html"
},
{
"title": "IY70028",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy70028"
},
{
"title": "IY70027",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy70027"
},
{
"title": "IY70026",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy70026"
},
{
"title": "si-050517a",
"trust": 0.8,
"url": "https://www-06.ibm.com/jp/services/security/secinfo/si-050517a.html"
},
{
"title": "MS05-019",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx"
},
{
"title": "RHSA-2005:043",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2005-043.html"
},
{
"title": "RHSA-2005:016",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2005-016.html"
},
{
"title": "RHSA-2005:017",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2005-017.html"
},
{
"title": "TCP \u5b9f\u88c5\u306e ICMP \u30a8\u30e9\u30fc\u30e1\u30c3\u30bb\u30fc\u30b8\u306e\u51e6\u7406\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027",
"trust": 0.8,
"url": "http://www.seil.jp/seilseries/news/snote/_snote_20050727.html"
},
{
"title": "101658",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101658-1"
},
{
"title": "101658",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101658-3"
},
{
"title": "SYM05-008",
"trust": 0.8,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2005.05.02.html"
},
{
"title": "cisco-sa-20050412-icmp",
"trust": 0.8,
"url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20050412-icmp-j.shtml"
},
{
"title": "SYM05-008",
"trust": 0.8,
"url": "http://www.symantec.com/region/jp/avcenter/security/content/2005.05.02.html"
},
{
"title": "ICMP+TCP\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.allied-telesis.co.jp/support/list/faq/vuls/20050412.html"
},
{
"title": "AX-VU2005-01",
"trust": 0.8,
"url": "http://www.alaxala.com/jp/support/security/icmp-20050412.html"
},
{
"title": "HCVU000000001",
"trust": 0.8,
"url": "http://www.hitachi-cable.co.jp/infosystem/support/security/hcvu000000001.html"
},
{
"title": "MS05-019",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms05-019.mspx"
},
{
"title": "RHSA-2005:043",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-043j.html"
},
{
"title": "RHSA-2005:016",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-016j.html"
},
{
"title": "RHSA-2005:017",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-017j.html"
},
{
"title": "\u300cTCP\u5b9f\u88c5\u306b\u304a\u3051\u308bICMP\u30a8\u30e9\u30fc\u30e1\u30c3\u30bb\u30fc\u30b8\u51e6\u7406\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u300d\u5bfe\u7b56\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/network/notice/niscc-532967.html"
},
{
"title": "TCP\u306e\u8106\u5f31\u6027\uff08NISCC Vulnerability Advisory 236929\uff09\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.nec.co.jp/bnwjh/topics_001.html"
},
{
"title": "IX5000/IX5500\u30b7\u30ea\u30fc\u30ba TCP\u5b9f\u88c5\u306eICMP\u30a8\u30e9\u30fc\u30e1\u30c3\u30bb\u30fc\u30b8\u306e\u51e6\u7406\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\u306e\u5831\u544a",
"trust": 0.8,
"url": "http://www.nec.co.jp/ixseries/ix5k/tcp/tcp20050415.html"
},
{
"title": "\u300cTCP\u5b9f\u88c5\u306b\u304a\u3051\u308bICMP\u30a8\u30e9\u30fc\u30e1\u30c3\u30bb\u30fc\u30b8\u51e6\u7406\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\u300d",
"trust": 0.8,
"url": "http://www.nec.co.jp/ip88n/icmp.html"
},
{
"title": "ICMP\u4f7f\u7528\u6642\u306bTCP\u30bb\u30c3\u30b7\u30e7\u30f3\u304c\u963b\u5bb3\u3055\u308c\u308b\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5bfe\u5fdc\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://fenics.fujitsu.com/products/support/2006/icmp_0119.html"
},
{
"title": "532967/NISCC/ICMP",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/niscc532967.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000244"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0791"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/13124"
},
{
"trust": 1.9,
"url": "http://www.watersprings.org/pub/id/draft-gont-tcpm-icmp-attacks-03.txt"
},
{
"trust": 1.9,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57746-1"
},
{
"trust": 1.7,
"url": "http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html"
},
{
"trust": 1.6,
"url": "ftp://ftp.sco.com/pub/updates/openserver/scosa-2006.4/scosa-2006.4.txt"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/18317"
},
{
"trust": 1.6,
"url": "http://securityreason.com/securityalert/19"
},
{
"trust": 1.6,
"url": "http://securityreason.com/securityalert/57"
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101658-1"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2005-016.html"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2005-017.html"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2005-043.html"
},
{
"trust": 1.6,
"url": "http://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html?lang=en"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/222750"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/14904/"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=112861397904255\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/418882/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/428028/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/428058/100/0/threaded"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10228"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1112"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a184"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a464"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a596"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a688"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a726"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0791"
},
{
"trust": 0.8,
"url": "http://www.uniras.gov.uk/niscc/docs/al-20040420-00199.html?lang=en"
},
{
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20040420-00391.pdf"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3562.txt"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2385.txt"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc1323.txt"
},
{
"trust": 0.8,
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=4030"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/p-177.shtml"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20050412-00303.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2005/0344"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/draft-gont-tcpm-icmp-attacks-03"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20050413-ms05-019.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-532967/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0791"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20050412-00303.pdf?lang=en"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/2005/20050414_195834.html"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/428058/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/428028/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/418882/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=112861397904255\u0026w=2"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:726"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:688"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:596"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:464"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:184"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:1112"
},
{
"trust": 0.3,
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?level=6\u0026category=29\u0026subcategory=1\u0026subtype=\u0026documentoid=326515"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-217.htm"
},
{
"trust": 0.3,
"url": "http://www.alaxala.com/jp/support/icmp-20050412.html"
},
{
"trust": 0.3,
"url": "http://www.f5.com/f5products/bigip/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080436587.shtml"
},
{
"trust": 0.3,
"url": "http://archives.neohapsis.com/archives/openbsd/cvs/2005-06/0889.html"
},
{
"trust": 0.3,
"url": "http://archives.neohapsis.com/archives/openbsd/cvs/2005-05/0773.html"
},
{
"trust": 0.3,
"url": "http://www.cymru.com/documents/icmp-messages.html"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/support/docview.wss?rs=118\u0026uid=isg1iy70026"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx"
},
{
"trust": 0.3,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/38.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2005-043.html"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/support/knowledge/advisory_icmp_error_message_vulnerabilities.html"
},
{
"trust": 0.3,
"url": "http://tech.f5.com/home/bigip/solutions/advisories/sol4583.html"
},
{
"trust": 0.3,
"url": "http://tech.f5.com/home/bigip-next/solutions/advisories/sol4584.html"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?docid=hpsbtu01210"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101658-1\u0026searchclause=2"
},
{
"trust": 0.3,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2005.05.02.html"
},
{
"trust": 0.3,
"url": "http://www.us-cert.gov/cas/techalerts/ta04-111a.html"
},
{
"trust": 0.3,
"url": "http://www.sco.com/support/update/download/release.php?rid=58"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/415294"
},
{
"trust": 0.3,
"url": "/archive/1/404535"
},
{
"trust": 0.3,
"url": "/archive/1/406296"
},
{
"trust": 0.3,
"url": "/archive/1/405764"
},
{
"trust": 0.3,
"url": "/archive/1/405771"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0790"
},
{
"trust": 0.2,
"url": "http://itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0791"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-1060"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-1060\u003e"
},
{
"trust": 0.1,
"url": "http://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html?"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0790\u003e"
},
{
"trust": 0.1,
"url": "http://www.hp.com/go/softwaredepot\u003e."
},
{
"trust": 0.1,
"url": "http://itrc.hp.com\u003e."
},
{
"trust": 0.1,
"url": "http://www.ietf.org/internet-drafts/"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0791\u003e"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/mainpage.do"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2001-0328"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/mainpage"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1507/"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1191.txt"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/56/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/182/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/50/"
},
{
"trust": 0.1,
"url": "http://www.niscc.gov.uk/niscc/docs/al-20050412-00308.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/184/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4907/"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1122.txt"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/684/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml#software"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/183/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2270/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/53/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3214/"
},
{
"trust": 0.1,
"url": "http://www.sco.com/support/security/index.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0790"
},
{
"trust": 0.1,
"url": "http://www.sco.com/support/forums/security.html"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-1060"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/18317/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/137/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#415294"
},
{
"db": "BID",
"id": "13124"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000244"
},
{
"db": "PACKETSTORM",
"id": "38779"
},
{
"db": "PACKETSTORM",
"id": "38762"
},
{
"db": "PACKETSTORM",
"id": "37143"
},
{
"db": "PACKETSTORM",
"id": "42808"
},
{
"db": "PACKETSTORM",
"id": "42811"
},
{
"db": "NVD",
"id": "CVE-2004-0791"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-030"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#415294"
},
{
"db": "BID",
"id": "13124"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000244"
},
{
"db": "PACKETSTORM",
"id": "38779"
},
{
"db": "PACKETSTORM",
"id": "38762"
},
{
"db": "PACKETSTORM",
"id": "37143"
},
{
"db": "PACKETSTORM",
"id": "42808"
},
{
"db": "PACKETSTORM",
"id": "42811"
},
{
"db": "NVD",
"id": "CVE-2004-0791"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-030"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-04-20T00:00:00",
"db": "CERT/CC",
"id": "VU#415294"
},
{
"date": "2005-04-12T00:00:00",
"db": "BID",
"id": "13124"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000244"
},
{
"date": "2005-07-20T07:23:12",
"db": "PACKETSTORM",
"id": "38779"
},
{
"date": "2005-07-19T14:36:44",
"db": "PACKETSTORM",
"id": "38762"
},
{
"date": "2005-04-18T07:21:17",
"db": "PACKETSTORM",
"id": "37143"
},
{
"date": "2006-01-05T02:07:56",
"db": "PACKETSTORM",
"id": "42808"
},
{
"date": "2006-01-05T16:28:15",
"db": "PACKETSTORM",
"id": "42811"
},
{
"date": "2005-04-12T04:00:00",
"db": "NVD",
"id": "CVE-2004-0791"
},
{
"date": "2005-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200504-030"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-05-01T00:00:00",
"db": "CERT/CC",
"id": "VU#415294"
},
{
"date": "2006-12-08T19:54:00",
"db": "BID",
"id": "13124"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000244"
},
{
"date": "2018-10-30T16:26:22.763000",
"db": "NVD",
"id": "CVE-2004-0791"
},
{
"date": "2005-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200504-030"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "38762"
},
{
"db": "PACKETSTORM",
"id": "42808"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-030"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Border Gateway Protocol relies on persistent TCP sessions without specifying authentication requirements",
"sources": [
{
"db": "CERT/CC",
"id": "VU#415294"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200504-030"
}
],
"trust": 0.6
}
}
VAR-201101-0120
Vulnerability from variot - Updated: 2023-12-18 11:39Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the glob implementation in libc that allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames. GNU libc is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to make the affected computer unresponsive, denying service to legitimate users. Multiple vendors' implementations are reported to be affected, including: NetBSD OpenBSD FreeBSD Oracle Solaris 10 Additional vendors' implementations may also be affected. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases.
For more information see vulnerability #2: SA42984
The vulnerability is reported in the following versions R15, R16, R16.1, and R16.2. ----------------------------------------------------------------------
Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM).
Request a free trial: http://secunia.com/products/corporate/vim/
TITLE: Oracle Solaris Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA42984
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42984/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42984
RELEASE DATE: 2011-01-19
DISCUSS ADVISORY: http://secunia.com/advisories/42984/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/42984/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=42984
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges and by malicious people to disclose system information, cause a DoS (Denial of Service), and compromise a vulnerable system.
1) An unspecified error in the CDE Calendar Manager Service daemon can be exploited to potentially execute arbitrary code via specially crafted RPC packets.
2) An unspecified error in the FTP server can be exploited to cause a DoS.
3) An unspecified error in a Ethernet driver can be exploited to disclose certain system information.
4) An unspecified error in the kernel NFS component can be exploited to cause a DoS.
5) An unspecified error in the kernel can be exploited by local users to cause a DoS.
6) A second unspecified error in the kernel can be exploited by local users to cause a DoS.
7) An unspecified error in the Standard C Library (libc) can be exploited by local users to gain escalated privileges.
8) An unspecified error in the Fault Manager daemon can be exploited by local users to gain escalated privileges.
9) An unspecified error in the XScreenSaver component can be exploited by local users to gain escalated privileges.
SOLUTION: Apply patches (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information.
ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
============================================================================= FreeBSD-SA-13:02.libc Security Advisory The FreeBSD Project
Topic: glob(3) related resource exhaustion
Category: core Module: libc Announced: 2013-02-19 Affects: All supported versions of FreeBSD. Corrected: 2013-02-05 09:53:32 UTC (stable/7, 7.4-STABLE) 2013-02-19 13:27:20 UTC (releng/7.4, 7.4-RELEASE-p12) 2013-02-05 09:53:32 UTC (stable/8, 8.3-STABLE) 2013-02-19 13:27:20 UTC (releng/8.3, 8.3-RELEASE-p6) 2013-02-05 09:53:32 UTC (stable/9, 9.1-STABLE) 2013-02-19 13:27:20 UTC (releng/9.0, 9.0-RELEASE-p6) 2013-02-19 13:27:20 UTC (releng/9.1, 9.1-RELEASE-p1) CVE Name: CVE-2010-2632
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
I. Background
The glob(3) function is a pathname generator that implements the rules for file name pattern matching used by the shell.
II. Problem Description
GLOB_LIMIT is supposed to limit the number of paths to prevent against memory or CPU attacks. The implementation however is insufficient.
III. Impact
An attacker that is able to exploit this vulnerability could cause excessive memory or CPU usage, resulting in a Denial of Service. A common target for a remote attacker could be ftpd(8).
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
fetch http://security.FreeBSD.org/patches/SA-13:02/libc.patch
fetch http://security.FreeBSD.org/patches/SA-13:02/libc.patch.asc
gpg --verify libc.patch.asc
b) Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
Recompile the operating system using buildworld and installworld as described in .
Restart all daemons, or reboot the system.
3) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
Restart all daemons, or reboot the system.
VI. Correction details
The following list contains the revision numbers of each file that was corrected in FreeBSD.
Branch/path Revision
stable/7/ r246357 releng/7.4/ r246989 stable/8/ r246357 releng/8.3/ r246989 stable/9/ r246357 releng/9.0/ r246989 releng/9.1/ r246989
VII. References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2632
The latest revision of this advisory is available at http://security.FreeBSD.org/advisories/FreeBSD-SA-13:02.libc.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (FreeBSD)
iEYEARECAAYFAlEjf80ACgkQFdaIBMps37JFUgCfUrw8Ky4U19COja6fna49Calv z/YAn1JSGxzHCo8vLj4XhtXqrQt68or4 =mCPv -----END PGP SIGNATURE----- . MacOSX 10.8.3 ftpd Remote Resource Exhaustion Maksymilian Arciemowicz http://cxsecurity.com/ http://cvemap.org/
Public Date: 01.02.2013 http://cxsecurity.com/cveshow/CVE-2010-2632 http://cxsecurity.com/cveshow/CVE-2011-0418
--- 1. Description --- Old vulnerability in libc allow to denial of service ftpd in MacOSX 10.8.3. Officially Apple has resolved this issue in Jun 2011. Apple use tnftpd as a main ftp server. tnftpd has migrated some functions from libc to own code (including glob(3)). Missing patch for resource exhaustion was added in version 20130322.
To this time, we can use CVE-2010-2632 to denial of service the ftp server. The funniest is report
http://support.apple.com/kb/ht4723
where CVE-2010-2632 was patched. That true 'libc is patched', but nobody from Apple has verified ftp. I really don't believe in penetrating testing form Apple side. Situation don't seems good. I has asked for open source donations, unfortunately Apple do not financial help vendors, what use their software in own products.
Proof of Concept is available since 2010
http://cxsecurity.com/issue/WLB-2011030145
Video demonstrated how to kill Mac Mini in basic version i5 with 10GB RAM in 30 min is available on
http://cxsec.org/video/macosx_ftpd_poc/
--- 2. References --- Multiple Vendors libc/glob(3) remote ftpd resource exhaustion http://cxsecurity.com/issue/WLB-2010100135 http://cxsecurity.com/cveshow/CVE-2010-2632
Multiple FTPD Server GLOB_BRACE|GLOB_LIMIT memory exhaustion http://cxsecurity.com/issue/WLB-2011050004 http://cxsecurity.com/cveshow/CVE-2011-0418
More CWE-399 resource exhaustion examples: http://cxsecurity.com/cwe/CWE-399
Last related to http://www.freebsd.org/security/advisories/FreeBSD-SA-13:02.libc.asc
--- 3. Contact --- Maksymilian Arciemowicz
Best regards, CXSEC TEAM http://cxsecurity.com/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201101-0120",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "5.11"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "5.9"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "5.8"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "5.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.7"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.7"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11 express"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.0"
},
{
"model": "7.4-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.0.4"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.2"
},
{
"model": "release p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.3--"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.5"
},
{
"model": "6.4-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "7.2-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-release-p2",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.2x"
},
{
"model": "7.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "7.0-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "-current",
"scope": null,
"trust": 0.3,
"vendor": "openbsd",
"version": null
},
{
"model": "release -p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.2-"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "8.1-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "7.0-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.8"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "1.1.5.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.4"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "4.0.1"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "4.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"model": "tnftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "tnftpd",
"version": "20091122"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.7.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "4.0"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.3.3"
},
{
"model": "glibc and greater",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.1.9"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.10.1"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.0.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.2.5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.1"
},
{
"model": "beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.0.1"
},
{
"model": "9.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "1.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"model": "6.4-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.1.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5x"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.5"
},
{
"model": "7.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.2"
},
{
"model": "7.2-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "7.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "1.5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.7"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.1.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.7"
},
{
"model": "-pre-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.1"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "15.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.3"
},
{
"model": "7.3-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "7.4-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "7.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.3.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "5.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.2"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "8.2-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-release-p10",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "8.1-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"model": "7.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "7.2-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.5"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.0.3"
},
{
"model": "ip deskphone",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "96x16"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.3x"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "glibc2",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.3.10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.1x"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "5.0.2"
},
{
"model": "7.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0.x"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "8.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "1.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.6.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "7.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.3"
},
{
"model": "8.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.1-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.2.3"
},
{
"model": "6.4-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "8.2-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-release-p9",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.3"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2x"
},
{
"model": "7.0-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "1.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.1"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.1.1-6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.1"
},
{
"model": "9.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.2.2"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.3.4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.0.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.2"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "tnftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "tnftpd",
"version": "20080609"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "6.3-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "cfengine",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "1.2.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "-release-p1",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.1"
},
{
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.3"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.1.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.1.9"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.4"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.2.4"
},
{
"model": "-stablepre2001-07-20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "6.3-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.11.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.0.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.0"
},
{
"model": "-release-p6",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.3"
},
{
"model": "9.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "7.2-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "8.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "7.0-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "7.1-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "-release-p9",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "9.0-rc3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.4"
},
{
"model": "6.0-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "1.1.5"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.11.2"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.1.3-10"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.0.5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "7.1-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.4x"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0.x"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "6.4-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1x"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.3.10"
},
{
"model": "tnftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "tnftpd",
"version": "20080929"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "tnftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "tnftpd",
"version": "20081009"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.4"
}
],
"sources": [
{
"db": "BID",
"id": "43819"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001081"
},
{
"db": "NVD",
"id": "CVE-2010-2632"
},
{
"db": "CNNVD",
"id": "CNNVD-201101-220"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.11:*:express:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2632"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Maksymilian Arciemowicz",
"sources": [
{
"db": "BID",
"id": "43819"
},
{
"db": "PACKETSTORM",
"id": "121281"
},
{
"db": "CNNVD",
"id": "CNNVD-201101-220"
}
],
"trust": 1.0
},
"cve": "CVE-2010-2632",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2010-2632",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-2632",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201101-220",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-2632",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-2632"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001081"
},
{
"db": "NVD",
"id": "CVE-2010-2632"
},
{
"db": "CNNVD",
"id": "CNNVD-201101-220"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the glob implementation in libc that allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames. GNU libc is prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to make the affected computer unresponsive, denying service to legitimate users. \nMultiple vendors\u0027 implementations are reported to be affected, including:\nNetBSD\nOpenBSD\nFreeBSD\nOracle Solaris 10\nAdditional vendors\u0027 implementations may also be affected. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. \n\nFor more information see vulnerability #2:\nSA42984\n\nThe vulnerability is reported in the following versions R15, R16,\nR16.1, and R16.2. ----------------------------------------------------------------------\n\n\nSecure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). \n\nRequest a free trial: \nhttp://secunia.com/products/corporate/vim/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nOracle Solaris Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA42984\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/42984/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42984\n\nRELEASE DATE:\n2011-01-19\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/42984/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/42984/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42984\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Solaris, which can be\nexploited by malicious, local users to cause a DoS (Denial of\nService) and gain escalated privileges and by malicious people to\ndisclose system information, cause a DoS (Denial of Service), and\ncompromise a vulnerable system. \n\n1) An unspecified error in the CDE Calendar Manager Service daemon\ncan be exploited to potentially execute arbitrary code via specially\ncrafted RPC packets. \n\n2) An unspecified error in the FTP server can be exploited to cause a\nDoS. \n\n3) An unspecified error in a Ethernet driver can be exploited to\ndisclose certain system information. \n\n4) An unspecified error in the kernel NFS component can be exploited\nto cause a DoS. \n\n5) An unspecified error in the kernel can be exploited by local users\nto cause a DoS. \n\n6) A second unspecified error in the kernel can be exploited by local\nusers to cause a DoS. \n\n7) An unspecified error in the Standard C Library (libc) can be\nexploited by local users to gain escalated privileges. \n\n8) An unspecified error in the Fault Manager daemon can be exploited\nby local users to gain escalated privileges. \n\n9) An unspecified error in the XScreenSaver component can be\nexploited by local users to gain escalated privileges. \n\nSOLUTION:\nApply patches (please see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\nIt is currently unclear who reported these vulnerabilities as the\nOracle Critical Patch Update for January 2011 only provides a bundled\nlist of credits. This section will be updated when/if the original\nreporter provides more information. \n\nORIGINAL ADVISORY:\nhttp://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=============================================================================\nFreeBSD-SA-13:02.libc Security Advisory\n The FreeBSD Project\n\nTopic: glob(3) related resource exhaustion\n\nCategory: core\nModule: libc\nAnnounced: 2013-02-19\nAffects: All supported versions of FreeBSD. \nCorrected: 2013-02-05 09:53:32 UTC (stable/7, 7.4-STABLE)\n 2013-02-19 13:27:20 UTC (releng/7.4, 7.4-RELEASE-p12)\n 2013-02-05 09:53:32 UTC (stable/8, 8.3-STABLE)\n 2013-02-19 13:27:20 UTC (releng/8.3, 8.3-RELEASE-p6)\n 2013-02-05 09:53:32 UTC (stable/9, 9.1-STABLE)\n 2013-02-19 13:27:20 UTC (releng/9.0, 9.0-RELEASE-p6)\n 2013-02-19 13:27:20 UTC (releng/9.1, 9.1-RELEASE-p1)\nCVE Name: CVE-2010-2632\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e. \n\nI. Background\n\nThe glob(3) function is a pathname generator that implements the rules for\nfile name pattern matching used by the shell. \n\nII. Problem Description\n\nGLOB_LIMIT is supposed to limit the number of paths to prevent against\nmemory or CPU attacks. The implementation however is insufficient. \n\nIII. Impact\n\nAn attacker that is able to exploit this vulnerability could cause excessive\nmemory or CPU usage, resulting in a Denial of Service. A common target for\na remote attacker could be ftpd(8). \n\nIV. Workaround\n\nNo workaround is available. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\n2) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n# fetch http://security.FreeBSD.org/patches/SA-13:02/libc.patch\n# fetch http://security.FreeBSD.org/patches/SA-13:02/libc.patch.asc\n# gpg --verify libc.patch.asc\n\nb) Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nRecompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:http://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all daemons, or reboot the system. \n\n3) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart all daemons, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the revision numbers of each file that was\ncorrected in FreeBSD. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/7/ r246357\nreleng/7.4/ r246989\nstable/8/ r246357\nreleng/8.3/ r246989\nstable/9/ r246357\nreleng/9.0/ r246989\nreleng/9.1/ r246989\n- -------------------------------------------------------------------------\n\nVII. References\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2632\n\nThe latest revision of this advisory is available at\nhttp://security.FreeBSD.org/advisories/FreeBSD-SA-13:02.libc.asc\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (FreeBSD)\n\niEYEARECAAYFAlEjf80ACgkQFdaIBMps37JFUgCfUrw8Ky4U19COja6fna49Calv\nz/YAn1JSGxzHCo8vLj4XhtXqrQt68or4\n=mCPv\n-----END PGP SIGNATURE-----\n. MacOSX 10.8.3 ftpd Remote Resource Exhaustion\nMaksymilian Arciemowicz\nhttp://cxsecurity.com/\nhttp://cvemap.org/\n\nPublic Date: 01.02.2013\nhttp://cxsecurity.com/cveshow/CVE-2010-2632\nhttp://cxsecurity.com/cveshow/CVE-2011-0418\n\n--- 1. Description ---\nOld vulnerability in libc allow to denial of service ftpd in MacOSX 10.8.3. Officially Apple has resolved this issue in Jun 2011. Apple use tnftpd as a main ftp server. tnftpd has migrated some functions from libc to own code (including glob(3)). Missing patch for resource exhaustion was added in version 20130322. \n\nTo this time, we can use CVE-2010-2632 to denial of service the ftp server. The funniest is report\n\nhttp://support.apple.com/kb/ht4723\n\nwhere CVE-2010-2632 was patched. That true \u0027libc is patched\u0027, but nobody from Apple has verified ftp. I really don\u0027t believe in penetrating testing form Apple side. Situation don\u0027t seems good. I has asked for open source donations, unfortunately Apple do not financial help vendors, what use their software in own products. \n\nProof of Concept is available since 2010\n\nhttp://cxsecurity.com/issue/WLB-2011030145\n\nVideo demonstrated how to kill Mac Mini in basic version i5 with 10GB RAM in 30 min is available on\n\nhttp://cxsec.org/video/macosx_ftpd_poc/\n\n--- 2. References ---\nMultiple Vendors libc/glob(3) remote ftpd resource exhaustion\nhttp://cxsecurity.com/issue/WLB-2010100135\nhttp://cxsecurity.com/cveshow/CVE-2010-2632\n\nMultiple FTPD Server GLOB_BRACE|GLOB_LIMIT memory exhaustion\nhttp://cxsecurity.com/issue/WLB-2011050004\nhttp://cxsecurity.com/cveshow/CVE-2011-0418\n\nMore CWE-399 resource exhaustion examples:\nhttp://cxsecurity.com/cwe/CWE-399\n\nLast related to\nhttp://www.freebsd.org/security/advisories/FreeBSD-SA-13:02.libc.asc\n\n--- 3. Contact ---\nMaksymilian Arciemowicz\n\nBest regards,\nCXSEC TEAM\nhttp://cxsecurity.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2632"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001081"
},
{
"db": "BID",
"id": "43819"
},
{
"db": "VULMON",
"id": "CVE-2010-2632"
},
{
"db": "PACKETSTORM",
"id": "98848"
},
{
"db": "PACKETSTORM",
"id": "97658"
},
{
"db": "PACKETSTORM",
"id": "120399"
},
{
"db": "PACKETSTORM",
"id": "121281"
}
],
"trust": 2.34
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=15215",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-2632"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-2632",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "42984",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1024975",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2011-0151",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "43433",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "55212",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10598",
"trust": 1.1
},
{
"db": "BID",
"id": "43819",
"trust": 1.1
},
{
"db": "XF",
"id": "64798",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001081",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201101-220",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "15215",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-2632",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98848",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "97658",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120399",
"trust": 0.1
},
{
"db": "CXSECURITY",
"id": "WLB-2010100135",
"trust": 0.1
},
{
"db": "CXSECURITY",
"id": "WLB-2011030145",
"trust": 0.1
},
{
"db": "CXSECURITY",
"id": "WLB-2011050004",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121281",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-2632"
},
{
"db": "BID",
"id": "43819"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001081"
},
{
"db": "PACKETSTORM",
"id": "98848"
},
{
"db": "PACKETSTORM",
"id": "97658"
},
{
"db": "PACKETSTORM",
"id": "120399"
},
{
"db": "PACKETSTORM",
"id": "121281"
},
{
"db": "NVD",
"id": "CVE-2010-2632"
},
{
"db": "CNNVD",
"id": "CNNVD-201101-220"
}
]
},
"id": "VAR-201101-0120",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.28947368
},
"last_update_date": "2023-12-18T11:39:31.555000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT4723",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4723"
},
{
"title": "cpujan2011-194091",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
},
{
"title": "9223.0",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=39531"
},
{
"title": "CVE-2010-4756",
"trust": 0.1,
"url": "https://github.com/alaial90/cve-2010-4756 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-2632"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001081"
},
{
"db": "CNNVD",
"id": "CNNVD-201101-220"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2632"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0151"
},
{
"trust": 1.9,
"url": "http://secunia.com/advisories/42984"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1024975"
},
{
"trust": 1.5,
"url": "https://support.avaya.com/css/p8/documents/100127892"
},
{
"trust": 1.4,
"url": "http://securityreason.com/achievement_securityalert/89"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43433"
},
{
"trust": 1.1,
"url": "http://securityreason.com/achievement_securityalert/97"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10598"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/55212"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64798"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2632"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/64798"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu976710"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2632"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/43819"
},
{
"trust": 0.3,
"url": "http://www.freebsd.org/"
},
{
"trust": 0.3,
"url": "http://www.gnu.org/software/libc/"
},
{
"trust": 0.3,
"url": "http://www.netbsd.org/"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org"
},
{
"trust": 0.3,
"url": "http://www.sun.com/software/solaris/"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100150582"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2632"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=21555"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/15215/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43433/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43433/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43433"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/42984/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/42984/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42984"
},
{
"trust": 0.1,
"url": "http://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/advisories/freebsd-sa-13:02.libc.asc"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-13:02/libc.patch.asc"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-13:02/libc.patch"
},
{
"trust": 0.1,
"url": "http://cxsecurity.com/cveshow/cve-2011-0418"
},
{
"trust": 0.1,
"url": "http://cvemap.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0418"
},
{
"trust": 0.1,
"url": "http://cxsecurity.com/issue/wlb-2011030145"
},
{
"trust": 0.1,
"url": "http://cxsec.org/video/macosx_ftpd_poc/"
},
{
"trust": 0.1,
"url": "http://cxsecurity.com/"
},
{
"trust": 0.1,
"url": "http://www.freebsd.org/security/advisories/freebsd-sa-13:02.libc.asc"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht4723"
},
{
"trust": 0.1,
"url": "http://cxsecurity.com/cveshow/cve-2010-2632"
},
{
"trust": 0.1,
"url": "http://cxsecurity.com/cwe/cwe-399"
},
{
"trust": 0.1,
"url": "http://cxsecurity.com/issue/wlb-2010100135"
},
{
"trust": 0.1,
"url": "http://cxsecurity.com/issue/wlb-2011050004"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-2632"
},
{
"db": "BID",
"id": "43819"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001081"
},
{
"db": "PACKETSTORM",
"id": "98848"
},
{
"db": "PACKETSTORM",
"id": "97658"
},
{
"db": "PACKETSTORM",
"id": "120399"
},
{
"db": "PACKETSTORM",
"id": "121281"
},
{
"db": "NVD",
"id": "CVE-2010-2632"
},
{
"db": "CNNVD",
"id": "CNNVD-201101-220"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2010-2632"
},
{
"db": "BID",
"id": "43819"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001081"
},
{
"db": "PACKETSTORM",
"id": "98848"
},
{
"db": "PACKETSTORM",
"id": "97658"
},
{
"db": "PACKETSTORM",
"id": "120399"
},
{
"db": "PACKETSTORM",
"id": "121281"
},
{
"db": "NVD",
"id": "CVE-2010-2632"
},
{
"db": "CNNVD",
"id": "CNNVD-201101-220"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-01-19T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2632"
},
{
"date": "2010-10-06T00:00:00",
"db": "BID",
"id": "43819"
},
{
"date": "2011-02-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001081"
},
{
"date": "2011-03-03T07:44:36",
"db": "PACKETSTORM",
"id": "98848"
},
{
"date": "2011-01-19T04:51:45",
"db": "PACKETSTORM",
"id": "97658"
},
{
"date": "2013-02-19T23:02:22",
"db": "PACKETSTORM",
"id": "120399"
},
{
"date": "2013-04-12T00:01:11",
"db": "PACKETSTORM",
"id": "121281"
},
{
"date": "2011-01-19T16:00:02.263000",
"db": "NVD",
"id": "CVE-2010-2632"
},
{
"date": "2011-01-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201101-220"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-17T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2632"
},
{
"date": "2013-10-16T01:44:00",
"db": "BID",
"id": "43819"
},
{
"date": "2011-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001081"
},
{
"date": "2017-08-17T01:32:46.557000",
"db": "NVD",
"id": "CVE-2010-2632"
},
{
"date": "2011-01-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201101-220"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201101-220"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Oracle Solaris of FTB Server vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001081"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201101-220"
}
],
"trust": 0.6
}
}
VAR-200304-0013
Vulnerability from variot - Updated: 2023-12-18 11:16The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. Sendmail contains a buffer overflow in code that parses email addresses. A remote attacker could execute arbitrary code or cause a denial of service on a vulnerable system. The flaw is present in the 'prescan()' procedure, which is used for processing email addresses in SMTP headers. This vulnerability stems from a logic error in the conversion of a char to an integer value. The issue has been fixed Sendmail 8.12.9. Most organizations have various mail transfer agents (MTAs) at various locations within their network, at least one of which is directly connected to the Internet. Sendmail is one of the most popular MTAs. According to statistics, Internet mail traffic handled by Sendmail accounts for 50\% to 75\% of the total. Many UNIX and Linux workstations run Sendmail by default. This vulnerability exists in the prescan() process. The vulnerability is for messages, not connections. This means that the vulnerability is triggered by the content of a specially crafted email message, rather than by lower-level network communications. This is important because a non-vulnerable MTA can send malicious messages along with other protected MTAs in the network. In other words, even if the software used by the boundary MTA of the site is not sendmail, the sendmail service program with loopholes inside the network is still threatened. Messages that exploit this vulnerability can also pass through many common packet filters or firewalls undetected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200304-0013",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "switch",
"scope": "eq",
"trust": 1.8,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "10.24"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12.3"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12.6"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12.5"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12.7"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.01"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.34"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.0.4"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.30"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.6"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.26"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.16"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.20"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.5"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.4"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk3_bl3"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.5"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f_pk6_bl17"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk2_bl2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": null
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0d_pk9_bl17"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk5_bl19"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.0f"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f_pk7_bl18"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk4_bl18"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.00"
},
{
"model": "hp-ux series 700",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.20"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1b_pk1_bl1"
},
{
"model": "sis",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.3"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.0a"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.0a_pk3_bl17"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "9.0"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0g_pk3_bl17"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.0_pk4_bl18"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "8.0"
},
{
"model": "hp-ux series 800",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.20"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.5"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.5.1"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.00"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0d"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.7"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10.2"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk1_bl1"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.0"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0g"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.08"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1b"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.0_pk4_bl17"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk6_bl20"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.0"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.1"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk3_bl17"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.4"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.09"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0b"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mirapoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sendmail",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sequent ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the sendmail consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wind river",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wirex",
"version": null
},
{
"model": "sendmail",
"scope": "lte",
"trust": 0.8,
"vendor": "sendmail consortium",
"version": "8.11.6"
},
{
"model": "sendmail",
"scope": "lte",
"trust": 0.8,
"vendor": "sendmail consortium",
"version": "8.12.8"
},
{
"model": "cobalt raq4",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq550",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raqxtr",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "advanced message server",
"scope": null,
"trust": 0.8,
"vendor": "sendmail",
"version": null
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.1.x"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.2.x"
},
{
"model": "turbolinux advanced server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.1"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.5"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.0"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "11.04"
},
{
"model": "tru64 pk4",
"scope": "eq",
"trust": 0.6,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "hp-ux sis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "z/os v1r4",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "tru64 pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.16"
},
{
"model": "os/390 v2r6",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "tru64 f pk6",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.6"
},
{
"model": "consortium sendmail beta10",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.2"
},
{
"model": "tru64 pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 f",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "nonstop-ux whitney",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.22",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "z/os",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.7"
},
{
"model": "os/390 v2r9",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "solaris x86",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "tru64 b",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.9"
},
{
"model": "hp-ux series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20700"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "z/os v1r2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "consortium sendmail beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.6"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.5"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.7"
},
{
"model": "tru64 g pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 d pk9",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "consortium sendmail beta16",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "os/390 v2r8",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "solaris 2.6 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hp-ux b.11.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "solaris 2.4 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cobalt raq 4100r",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "550"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.11"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "tru64 d",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.8"
},
{
"model": "tru64 g",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 a",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "nonstop-ux puma",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.18"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.5"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.8"
},
{
"model": "tru64 f pk7",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.9"
},
{
"model": "openlinux server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "3.1.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "tru64 pk6",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.4"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.5"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "cobalt qube3 4000wg",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.8"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.3"
},
{
"model": "consortium sendmail beta12",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "os/390 v2r10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.13"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5"
},
{
"model": "tru64 a pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.14"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "altavista firewall avfw98",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "tru64 b pk1",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a pk1",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.9"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.7"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.1"
},
{
"model": "solaris 2.5 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.4"
},
{
"model": "openlinux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "3.1.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.4"
},
{
"model": "consortium sendmail beta7",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "tru64 a pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "tru64 a pk2",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.15"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.10"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2"
},
{
"model": "lx50",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "tru64 a",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "alphaserver sc",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "tru64 pk5",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5.1"
},
{
"model": "tru64 f",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "tru64 b",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.12"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.1"
},
{
"model": "solaris ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.2"
},
{
"model": "hp-ux series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20800"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.17"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "tru64 a pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "mvs",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "cobalt raq4 3001r",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "cobalt raq xtr 3500r",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "altavista firewall raptor ec",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#897604"
},
{
"db": "BID",
"id": "7230"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta16:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f_pk7_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0d_pk9_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0_pk4_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk6_bl20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.08:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0g_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0_pk4_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk4_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk5_bl19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1b_pk1_bl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux_series_700:10.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux_series_800:10.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.5:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:sis:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk3_bl3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f_pk6_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0a_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk1_bl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk2_bl2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.09:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.4:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0161"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Michal Zalewski\u203b lcamtuf@dione.ids.pl",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0161",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2003-0161",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-6991",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0161",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#897604",
"trust": 0.8,
"value": "67.20"
},
{
"author": "CNNVD",
"id": "CNNVD-200304-025",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-6991",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2003-0161",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#897604"
},
{
"db": "VULHUB",
"id": "VHN-6991"
},
{
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special \"NOCHAR\" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. Sendmail contains a buffer overflow in code that parses email addresses. A remote attacker could execute arbitrary code or cause a denial of service on a vulnerable system. The flaw is present in the \u0027prescan()\u0027 procedure, which is used for processing email addresses in SMTP headers. This vulnerability stems from a logic error in the conversion of a char to an integer value. The issue has been fixed Sendmail 8.12.9. Most organizations have various mail transfer agents (MTAs) at various locations within their network, at least one of which is directly connected to the Internet. Sendmail is one of the most popular MTAs. According to statistics, Internet mail traffic handled by Sendmail accounts for 50\\\\% to 75\\\\% of the total. Many UNIX and Linux workstations run Sendmail by default. This vulnerability exists in the prescan() process. The vulnerability is for messages, not connections. This means that the vulnerability is triggered by the content of a specially crafted email message, rather than by lower-level network communications. This is important because a non-vulnerable MTA can send malicious messages along with other protected MTAs in the network. In other words, even if the software used by the boundary MTA of the site is not sendmail, the sendmail service program with loopholes inside the network is still threatened. Messages that exploit this vulnerability can also pass through many common packet filters or firewalls undetected",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"db": "CERT/CC",
"id": "VU#897604"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"db": "BID",
"id": "7230"
},
{
"db": "VULHUB",
"id": "VHN-6991"
},
{
"db": "VULMON",
"id": "CVE-2003-0161"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=24",
"trust": 0.2,
"type": "exploit"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-6991",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6991"
},
{
"db": "VULMON",
"id": "CVE-2003-0161"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#897604",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2003-0161",
"trust": 2.9
},
{
"db": "BID",
"id": "7230",
"trust": 2.9
},
{
"db": "XF",
"id": "11653",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025",
"trust": 0.7
},
{
"db": "REDHAT",
"id": "RHSA-2003:121",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:120",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-278",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-290",
"trust": 0.6
},
{
"db": "SCO",
"id": "SCOSA-2004.11",
"trust": 0.6
},
{
"db": "IMMUNIX",
"id": "IMNX-2003-7+-002-01",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "52620",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "52700",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "1001088",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030329 SENDMAIL 8.12.9 AVAILABLE",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030520 [FWD: 127 RESEARCH AND DEVELOPMENT: 127 DAY!]",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030331 GLSA: SENDMAIL (200303-27)",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030329 SENDMAIL: -1 GONE WILD",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030330 [OPENPKG-SA-2003.027] OPENPKG SECURITY ADVISORY (SENDMAIL)",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20030329 SENDMAIL: -1 GONE WILD",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "CA-2003-12",
"trust": 0.6
},
{
"db": "CONECTIVA",
"id": "CLA-2003:614",
"trust": 0.6
},
{
"db": "SGI",
"id": "20030401-01-P",
"trust": 0.6
},
{
"db": "CALDERA",
"id": "CSSA-2003-016.0",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200303-27",
"trust": 0.6
},
{
"db": "FREEBSD",
"id": "FREEBSD-SA-03:07",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "24",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-15232",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-62723",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76244",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22442",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-6991",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2003-0161",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#897604"
},
{
"db": "VULHUB",
"id": "VHN-6991"
},
{
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"db": "BID",
"id": "7230"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"id": "VAR-200304-0013",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6991"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:16:12.729000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX00253",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00958571"
},
{
"title": "HPSBUX0304-253",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0304-253.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ibm.com/jp/"
},
{
"title": "RHSA-2003:120",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2003-120.html"
},
{
"title": "sendmail 8.12.9 available",
"trust": 0.8,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104896621106790\u0026w=2"
},
{
"title": "52620",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1"
},
{
"title": "52700",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1"
},
{
"title": "52700",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-3"
},
{
"title": "52620",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-3"
},
{
"title": "4 Sendmail Security Update 2.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq4.eng\u0026amp;nav=patchpage"
},
{
"title": "XTR Sendmail Security Update 1.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raqxtr.eng\u0026amp;nav=patchpage"
},
{
"title": "550 Sendmail Security Update 0.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq550.eng\u0026amp;nav=patchpage"
},
{
"title": "TLSA-2003-24",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2003/tlsa-2003-24.txt"
},
{
"title": "Sendmail Inc. Information for VU#897604",
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/aamn-5kuutz"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.sendmail.co.jp/"
},
{
"title": "RHSA-2003:120",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-120j.html"
},
{
"title": "TLSA-2003-24",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2003/tlsa-2003-24j.txt"
},
{
"title": "Debian Security Advisories: DSA-290-1 sendmail-wide -- char-to-int conversion",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=8086c3d7d3014252ce37b8626383010c"
},
{
"title": "cumes",
"trust": 0.1,
"url": "https://github.com/byte-mug/cumes "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0161"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.kb.cert.org/vuls/id/897604"
},
{
"trust": 2.7,
"url": "http://www.securityfocus.com/bid/7230"
},
{
"trust": 2.6,
"url": "http://www.cert.org/advisories/ca-2003-12.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/archive/1/321997"
},
{
"trust": 1.8,
"url": "ftp://ftp.caldera.com/pub/security/openlinux/cssa-2003-016.0.txt"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/mhonarc/security-announce/msg00028.html"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2003/dsa-278"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2003/dsa-290"
},
{
"trust": 1.8,
"url": "ftp://ftp.freebsd.org/pub/freebsd/cert/advisories/freebsd-sa-03:07.sendmail.asc"
},
{
"trust": 1.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-march/004295.html"
},
{
"trust": 1.8,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2003-120.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2003-121.html"
},
{
"trust": 1.8,
"url": "ftp://ftp.sco.com/pub/updates/openserver/scosa-2004.11/scosa-2004.11.txt"
},
{
"trust": 1.8,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030401-01-p"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1"
},
{
"trust": 1.7,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000614"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/316961/30/25250/threaded"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/archive/1/317135/30/25220/threaded"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104896621106790\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104914999806315\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104897487512238\u0026w=2"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/archive/1/316773/2003-03-28/2003-04-03/0"
},
{
"trust": 0.8,
"url": "http://www.iss.net/issen/delivery/xforce/alertdetail.jsp?oid=22127"
},
{
"trust": 0.8,
"url": "http://www.sendmail.org/secure-install.html"
},
{
"trust": 0.8,
"url": "http://www.sendmail.org/ftp/release_notes"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2047.txt"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/n-067.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0161"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/20030331sendmail.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr031401.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr031501.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr031301.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2003/at030004.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-12"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-07/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0161"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/11653"
},
{
"trust": 0.8,
"url": "http://www.isskk.co.jp/support/techinfo/general/sendmail033103_xforce.html"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20030330_153031.html"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20030506_122656.html"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104897487512238\u0026w=2"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/316961/30/25250/threaded"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104914999806315\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104896621106790\u0026w=2"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f52620"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/mss-oar-e01-2003.0793.1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raqxtr.eng\u0026nav=patchpage"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2003-121.html"
},
{
"trust": 0.3,
"url": "http://www.sendmail.org/"
},
{
"trust": 0.3,
"url": "http://www.sotlinux.org/en/sotlinux/sa/2003/2003-0019.php"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v4.0f/duv40fb18-c0093400-17811-es-20030403.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1a/t64v51ab21-c0112900-17770-es-20030402.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1b/t64v51bb1-c0008000-17812-es-20030403.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1/t64v51b20-c0176700-17773-es-20030402.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v4.0g/t64v40gb17-c0029200-17810-es-20030403.readme"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f52700\u0026zone_32=category%3asecurity"
},
{
"trust": 0.3,
"url": "/archive/1/321997"
},
{
"trust": 0.3,
"url": "/archive/1/316760"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=104897487512238\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=104896621106790\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=104914999806315\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000614"
},
{
"trust": 0.1,
"url": ""
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/./dsa-290"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/24/"
},
{
"trust": 0.1,
"url": "https://github.com/byte-mug/cumes"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#897604"
},
{
"db": "VULHUB",
"id": "VHN-6991"
},
{
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"db": "BID",
"id": "7230"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#897604"
},
{
"db": "VULHUB",
"id": "VHN-6991"
},
{
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"db": "BID",
"id": "7230"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-03-29T00:00:00",
"db": "CERT/CC",
"id": "VU#897604"
},
{
"date": "2003-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-6991"
},
{
"date": "2003-04-02T00:00:00",
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"date": "2003-03-29T00:00:00",
"db": "BID",
"id": "7230"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"date": "2003-04-02T05:00:00",
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"date": "2003-03-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-25T00:00:00",
"db": "CERT/CC",
"id": "VU#897604"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-6991"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"date": "2007-09-21T23:40:00",
"db": "BID",
"id": "7230"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"date": "2018-10-30T16:26:22.763000",
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"date": "2010-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sendmail address parsing buffer overflow",
"sources": [
{
"db": "CERT/CC",
"id": "VU#897604"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "7230"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
],
"trust": 0.9
}
}
VAR-200506-0234
Vulnerability from variot - Updated: 2023-12-18 11:13The Telnet client for Microsoft Windows XP, Windows Server 2003, and Windows Services for UNIX allows remote attackers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. Remote attackers who exploit this issue IFRAME Tag and "TELNET://" Formal URI Etc., Web Malicious via page or email Telnet By guiding the target user to connect to the server, important information on the target system, such as the user name, executable file search path, and the location of important data, may be taken. Also some Linux Included with the distribution Kerberos Has been reported to be affected by this issue.Please refer to the “Overview” for the impact of this vulnerability. Telnet clients provided by multiple vendors are prone to a remote information-disclosure vulnerability. Attackers can retrieve any information stored in the environment of clients using the affected telnet application. The contents of the environment variables may be sensitive in nature, allowing attackers to gain information that may aid them in further attacks. This can be exploited to gain knowledge of the session variables for a user, who has an open connection to a malicious Telnet server.
Successful exploitation requires that a user e.g. visits a malicious web site or is tricked into clicking a specially crafted link.
SOLUTION: Apply patches.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200506-0234",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "web"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "enterprise"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "standard"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "windows server 2003",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "sp3"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "windows xp home sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "sunos x86",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "sunos",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.9"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.4"
},
{
"model": "seam",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "5.2"
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "4.2"
},
{
"model": "windows server enterprise edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "solaris 2.7 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "windows server enterprise edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "windows xp tablet pc edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "1.0"
},
{
"model": "linux mandrake amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.0"
},
{
"model": "windows xp professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "x64"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.2"
},
{
"model": "windows xp tablet pc edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.4"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "windows server enterprise edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "directory pro",
"scope": "eq",
"trust": 0.3,
"vendor": "cosmicperl",
"version": "10.0.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.3.6"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "mn100",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.3"
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.13"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "seam",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "windows xp 64-bit edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.03"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.0"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.12"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "windows server enterprise edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"model": "seam",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.3"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "windows server standard edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "windows server standard edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "windows xp media center edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "windows xp media center edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "3-dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "3.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "sunos x86",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.9"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "windows server datacenter edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux imap server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "windows server datacenter edition sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.7"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "sunos",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.8"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "5.0"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.11"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.2"
},
{
"model": "windows xp tablet pc edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "windows server enterprise edition itanium sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1x86"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "4.4"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.1"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux enterprise server for s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.8"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "3-dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.7"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.1"
},
{
"model": "windows server datacenter edition itanium sp1 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20031"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "2.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.7"
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.2"
},
{
"model": "sunos",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.7"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.4"
},
{
"model": "propack sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "linux database server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "services for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2.2"
},
{
"model": "windows xp professional sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.3"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.4"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "services for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "4.4.1"
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "services for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "3.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "7.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.3"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "windows xp media center edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "linux office server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.11"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.3"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "services for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "3.5"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "windows xp professional sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp home sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "suse email server iii",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "services for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2.0"
},
{
"model": "windows xp 64-bit edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.12"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.1"
},
{
"model": "windows xp 64-bit edition version sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.4"
},
{
"model": "sunos x86",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.7"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "windows server datacenter edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "suse email server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "3.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "linux enterprise server for s/390",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.3"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "4.0"
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "linux connectivity server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "windows xp 64-bit edition version",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows server datacenter edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.0"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "5.3"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.10"
}
],
"sources": [
{
"db": "BID",
"id": "13940"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000382"
},
{
"db": "NVD",
"id": "CVE-2005-1205"
},
{
"db": "CNNVD",
"id": "CNNVD-200506-123"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1205"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ga\u0026euml;l Delalleau gael.delalleau+ moz@m4x.org",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200506-123"
}
],
"trust": 0.6
},
"cve": "CVE-2005-1205",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2005-1205",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-1205",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200506-123",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2005-1205",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2005-1205"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000382"
},
{
"db": "NVD",
"id": "CVE-2005-1205"
},
{
"db": "CNNVD",
"id": "CNNVD-200506-123"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Telnet client for Microsoft Windows XP, Windows Server 2003, and Windows Services for UNIX allows remote attackers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. Remote attackers who exploit this issue IFRAME Tag and \"TELNET://\" Formal URI Etc., Web Malicious via page or email Telnet By guiding the target user to connect to the server, important information on the target system, such as the user name, executable file search path, and the location of important data, may be taken. Also some Linux Included with the distribution Kerberos Has been reported to be affected by this issue.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. Telnet clients provided by multiple vendors are prone to a remote information-disclosure vulnerability. \nAttackers can retrieve any information stored in the environment of clients using the affected telnet application. The contents of the environment variables may be sensitive in nature, allowing attackers to gain information that may aid them in further attacks. This can be exploited to gain knowledge of the session\nvariables for a user, who has an open connection to a malicious\nTelnet server. \n\nSuccessful exploitation requires that a user e.g. visits a malicious\nweb site or is tricked into clicking a specially crafted link. \n\nSOLUTION:\nApply patches. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1205"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000382"
},
{
"db": "BID",
"id": "13940"
},
{
"db": "VULMON",
"id": "CVE-2005-1205"
},
{
"db": "PACKETSTORM",
"id": "37995"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "13940",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2005-1205",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "15690",
"trust": 2.6
},
{
"db": "CERT/CC",
"id": "VU#800829",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1014203",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000382",
"trust": 0.8
},
{
"db": "MS",
"id": "MS05-033",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:1132",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:784",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:605",
"trust": 0.6
},
{
"db": "IDEFENSE",
"id": "20050614 MULTIPLE VENDOR TELNET CLIENT INFORMATION DISCLOSURE VULNERABILITY",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200506-123",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2005-1205",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37995",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2005-1205"
},
{
"db": "BID",
"id": "13940"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000382"
},
{
"db": "PACKETSTORM",
"id": "37995"
},
{
"db": "NVD",
"id": "CVE-2005-1205"
},
{
"db": "CNNVD",
"id": "CNNVD-200506-123"
}
]
},
"id": "VAR-200506-0234",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4615448
},
"last_update_date": "2023-12-18T11:13:25.482000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MS05-033",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-033.mspx"
},
{
"title": "krb5",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/krb5.html"
},
{
"title": "RHSA-2005:562",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2005-562.html"
},
{
"title": "RHSA-2005:504",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2005-504.html"
},
{
"title": "101665",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1"
},
{
"title": "101671",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1"
},
{
"title": "101665",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-3"
},
{
"title": "101671",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-3"
},
{
"title": "MS05-033",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms05-033.mspx"
},
{
"title": "RHSA-2005:562",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-562j.html"
},
{
"title": "RHSA-2005:504",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-504j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000382"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1205"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://secunia.com/advisories/15690/"
},
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/13940"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/800829"
},
{
"trust": 1.8,
"url": "http://idefense.com/application/poi/display?id=260\u0026type=vulnerabilities"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1014203"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a784"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a605"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1132"
},
{
"trust": 1.1,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-033"
},
{
"trust": 1.0,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-033.mspx"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-1205"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-1205"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:784"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:605"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:1132"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2005-145_rhsa-2005-504.pdf"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2005-562.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2005-567.html"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/windowsserversystem/sfu/"
},
{
"trust": 0.3,
"url": "http://tech.f5.com/home/bigip/solutions/advisories/sol4616.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1"
},
{
"trust": 0.3,
"url": "/archive/1/402230"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=32c4e286-2c4d-491a-9e05-4ca0b055d5dc"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1176/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/22/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=c6161d9e-1672-479e-8baf-754a64dfab47"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=7c3dd615-b82d-4520-9c3a-376283b01d5b"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1175/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5243/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=22095e78-a559-40ea-8b65-9c727f4e752f"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5244/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=b8ba775e-e9a7-47e9-81a9-a68a71b9faac"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1173/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=dcc6840f-e626-4266-a63a-cddec0ec44d6"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=b281550b-8fae-4ff3-9bb7-e4ba325779b9"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1174/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=8eaad650-54db-44bc-ac9b-fc8a50f5a3b5"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=c23a4e16-e228-4a80-a4cb-9dcef462b97a"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2005-1205"
},
{
"db": "BID",
"id": "13940"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000382"
},
{
"db": "PACKETSTORM",
"id": "37995"
},
{
"db": "NVD",
"id": "CVE-2005-1205"
},
{
"db": "CNNVD",
"id": "CNNVD-200506-123"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2005-1205"
},
{
"db": "BID",
"id": "13940"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000382"
},
{
"db": "PACKETSTORM",
"id": "37995"
},
{
"db": "NVD",
"id": "CVE-2005-1205"
},
{
"db": "CNNVD",
"id": "CNNVD-200506-123"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-06-14T00:00:00",
"db": "VULMON",
"id": "CVE-2005-1205"
},
{
"date": "2005-06-14T00:00:00",
"db": "BID",
"id": "13940"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000382"
},
{
"date": "2005-06-16T05:01:37",
"db": "PACKETSTORM",
"id": "37995"
},
{
"date": "2005-06-14T04:00:00",
"db": "NVD",
"id": "CVE-2005-1205"
},
{
"date": "2005-04-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200506-123"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-12T00:00:00",
"db": "VULMON",
"id": "CVE-2005-1205"
},
{
"date": "2006-08-02T20:16:00",
"db": "BID",
"id": "13940"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000382"
},
{
"date": "2018-10-12T21:36:25.407000",
"db": "NVD",
"id": "CVE-2005-1205"
},
{
"date": "2012-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200506-123"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200506-123"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Windows of Telnet Environment variable disclosure vulnerability in the client",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000382"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access verification error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200506-123"
}
],
"trust": 0.6
}
}
FKIE_CVE-2015-0430
Vulnerability from fkie_nvd - Published: 2015-01-21 19:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality via vectors related to RPC Utility.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E75493D0-F060-4CBA-8AB0-C4FE8B2A8C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "469D76B5-BDCE-4305-988D-487FF37388BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality via vectors related to RPC Utility."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Sun Solaris 10 y 11 permite a usuarios locales afectar la confidencialidad a trav\u00e9s de vectores relacionados con la utilidad RPC."
}
],
"id": "CVE-2015-0430",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-01-21T19:59:16.203",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/72141"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/72141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100175"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-0429
Vulnerability from fkie_nvd - Published: 2015-01-21 19:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to RPC Utility.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E75493D0-F060-4CBA-8AB0-C4FE8B2A8C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "469D76B5-BDCE-4305-988D-487FF37388BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to RPC Utility."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Sun Solaris 10 y 11 permite a usuarios locales afectar la integridad y la disponibilidad a trav\u00e9s de vectores relacionados con la utilidad RPC."
}
],
"id": "CVE-2015-0429",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-01-21T19:59:15.373",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/72133"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1031583"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/72133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031583"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100172"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-0428
Vulnerability from fkie_nvd - Published: 2015-01-21 19:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Resource Control.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E75493D0-F060-4CBA-8AB0-C4FE8B2A8C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "469D76B5-BDCE-4305-988D-487FF37388BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Resource Control."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Sun Solaris 10 y 11 permite a usuarios locales afectar la disponibilidad a trav\u00e9s de vectores desconocidos relacionados con el control de recursos."
}
],
"id": "CVE-2015-0428",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-01-21T19:59:14.420",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/72144"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1031583"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/72144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031583"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100169"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-0397
Vulnerability from fkie_nvd - Published: 2015-01-21 18:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2014-6600.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:sunos:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "469D76B5-BDCE-4305-988D-487FF37388BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2014-6600."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Sun Solaris 11 permite a usuarios locales afectar la disponibilidad a trav\u00e9s de vectores desconocidos relacionados con el sistema de ficheros (File System), una vulnerabilidad diferente a CVE-2014-6570 y CVE-2014-6600."
}
],
"id": "CVE-2015-0397",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-01-21T18:59:40.387",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/72164"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/72164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100173"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-0375
Vulnerability from fkie_nvd - Published: 2015-01-21 18:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect confidentiality via unknown vectors related to Network.
References
| URL | Tags | ||
|---|---|---|---|
| secalert_us@oracle.com | http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | Patch, Vendor Advisory | |
| secalert_us@oracle.com | http://www.securityfocus.com/bid/72153 | Third Party Advisory, VDB Entry | |
| secalert_us@oracle.com | http://www.securitytracker.com/id/1031583 | Third Party Advisory, VDB Entry | |
| secalert_us@oracle.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/100164 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72153 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1031583 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/100164 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E75493D0-F060-4CBA-8AB0-C4FE8B2A8C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "469D76B5-BDCE-4305-988D-487FF37388BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect confidentiality via unknown vectors related to Network."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Sun Solaris 10 y 11 permite a atacantes remotos afectar la confidencialidad a trav\u00e9s de vectores relacionados con Network."
}
],
"id": "CVE-2015-0375",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-01-21T18:59:21.967",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72153"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72153"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100164"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2015-0429 (GCVE-0-2015-0429)
Vulnerability from cvelistv5 – Published: 2015-01-21 19:00 – Updated: 2024-08-06 04:10
VLAI?
Summary
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to RPC Utility.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:10:10.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1031583",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "72133",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72133"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "oracle-cpujan2015-cve20150429(100172)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100172"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to RPC Utility."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "1031583",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "72133",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72133"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "oracle-cpujan2015-cve20150429(100172)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100172"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0429",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to RPC Utility."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1031583",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "72133",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72133"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "oracle-cpujan2015-cve20150429(100172)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100172"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-0429",
"datePublished": "2015-01-21T19:00:00",
"dateReserved": "2014-12-17T00:00:00",
"dateUpdated": "2024-08-06T04:10:10.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0428 (GCVE-0-2015-0428)
Vulnerability from cvelistv5 – Published: 2015-01-21 19:00 – Updated: 2024-08-06 04:10
VLAI?
Summary
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Resource Control.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:10:10.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1031583",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "oracle-cpujan2015-cve20150428(100169)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100169"
},
{
"name": "72144",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72144"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Resource Control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "1031583",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "oracle-cpujan2015-cve20150428(100169)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100169"
},
{
"name": "72144",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72144"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0428",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Resource Control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1031583",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "oracle-cpujan2015-cve20150428(100169)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100169"
},
{
"name": "72144",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72144"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-0428",
"datePublished": "2015-01-21T19:00:00",
"dateReserved": "2014-12-17T00:00:00",
"dateUpdated": "2024-08-06T04:10:10.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0430 (GCVE-0-2015-0430)
Vulnerability from cvelistv5 – Published: 2015-01-21 19:00 – Updated: 2024-08-06 04:10
VLAI?
Summary
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality via vectors related to RPC Utility.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:10:10.910Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1031583",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "oracle-cpujan2015-cve20150430(100175)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100175"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "72141",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72141"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality via vectors related to RPC Utility."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "1031583",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "oracle-cpujan2015-cve20150430(100175)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100175"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "72141",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72141"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality via vectors related to RPC Utility."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1031583",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "oracle-cpujan2015-cve20150430(100175)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100175"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "72141",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72141"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-0430",
"datePublished": "2015-01-21T19:00:00",
"dateReserved": "2014-12-17T00:00:00",
"dateUpdated": "2024-08-06T04:10:10.910Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0429 (GCVE-0-2015-0429)
Vulnerability from nvd – Published: 2015-01-21 19:00 – Updated: 2024-08-06 04:10
VLAI?
Summary
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to RPC Utility.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:10:10.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1031583",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "72133",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72133"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "oracle-cpujan2015-cve20150429(100172)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100172"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to RPC Utility."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "1031583",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "72133",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72133"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "oracle-cpujan2015-cve20150429(100172)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100172"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0429",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to RPC Utility."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1031583",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "72133",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72133"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "oracle-cpujan2015-cve20150429(100172)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100172"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-0429",
"datePublished": "2015-01-21T19:00:00",
"dateReserved": "2014-12-17T00:00:00",
"dateUpdated": "2024-08-06T04:10:10.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0428 (GCVE-0-2015-0428)
Vulnerability from nvd – Published: 2015-01-21 19:00 – Updated: 2024-08-06 04:10
VLAI?
Summary
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Resource Control.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:10:10.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1031583",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "oracle-cpujan2015-cve20150428(100169)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100169"
},
{
"name": "72144",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72144"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Resource Control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "1031583",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "oracle-cpujan2015-cve20150428(100169)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100169"
},
{
"name": "72144",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72144"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0428",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Resource Control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1031583",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "oracle-cpujan2015-cve20150428(100169)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100169"
},
{
"name": "72144",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72144"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-0428",
"datePublished": "2015-01-21T19:00:00",
"dateReserved": "2014-12-17T00:00:00",
"dateUpdated": "2024-08-06T04:10:10.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0430 (GCVE-0-2015-0430)
Vulnerability from nvd – Published: 2015-01-21 19:00 – Updated: 2024-08-06 04:10
VLAI?
Summary
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality via vectors related to RPC Utility.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:10:10.910Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1031583",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "oracle-cpujan2015-cve20150430(100175)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100175"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "72141",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72141"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality via vectors related to RPC Utility."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "1031583",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "oracle-cpujan2015-cve20150430(100175)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100175"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "72141",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72141"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality via vectors related to RPC Utility."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1031583",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "oracle-cpujan2015-cve20150430(100175)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100175"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "72141",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72141"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-0430",
"datePublished": "2015-01-21T19:00:00",
"dateReserved": "2014-12-17T00:00:00",
"dateUpdated": "2024-08-06T04:10:10.910Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}